last executing test programs:

14.022438733s ago: executing program 0 (id=978):
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/power/resume', 0x169a82, 0x189)
r1 = syz_open_dev$loop(&(0x7f0000000480), 0xd76, 0x181400)
statx(r0, 0x0, 0x2000, 0x20, 0x0)
syz_clone(0x80, 0x0, 0x0, 0x0, 0x0, &(0x7f00000005c0)="d1f66f9eaa49665203b884c3964f4d7d8035e1175bc0")
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r2, &(0x7f0000000400)=ANY=[], 0x1df)
write$binfmt_misc(r2, &(0x7f0000000040), 0xe09)
ioctl$LOOP_CONFIGURE(r1, 0x4c0a, &(0x7f00000002c0)={r2, 0x0, {0x2a00, 0x80010000, 0x0, 0x2, 0x0, 0x0, 0x0, 0x2, 0x1c, "fee8a2ab78fc979fd1e00d96072000001ea89de2b7fb0000e60080b8785d9600010000000000000900", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "90be8b1c551265406c7f306003d8a0f4bd00"}})

13.006010001s ago: executing program 0 (id=982):
unshare(0x22020600)
socket$kcm(0x11, 0x200000000000002, 0x300)
r0 = socket$inet(0xa, 0x801, 0x84)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_int(r3, 0x0, 0x6, 0x0, 0x0)
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r2, 0x0, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x60140, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r5, 0xae60)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, 0x0, 0x0)
r6 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, 0x0, 0x0)
writev(r6, &(0x7f0000000940), 0x0)
r7 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x2)
ioctl$KVM_SET_MP_STATE(r7, 0x4004ae99, &(0x7f00000001c0)=0x3)
r8 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r8, &(0x7f0000002fc0)=[{{&(0x7f0000000000)={0xa, 0x4e22, 0x10001, @loopback, 0x9}, 0x1c, &(0x7f00000000c0)=[{&(0x7f0000000300)="756d1604a67f07537f7262ca20063008223b0c5690583dd5423fb3f579902284dbefa831ca9f649db51946b01cb6701176c2355e172c54298a83951fd8641139f82c5954175915eb7b95b4440694423e41cf0af3b1dac3873b36b7", 0x5b}], 0x1, &(0x7f00000024c0)=ANY=[@ANYBLOB="1400000000000000290000003e0000000100000000000000300000000000000029000000040000008702000000000000c9100000000000eeff00000000000000000105020008000014000000000000002900000043000000f8db000000000000280000000000000029000000390000000002020900000000000000000000001d682272c000000000203100000000"], 0x88}}, {{0x0, 0x0, &(0x7f0000000c80)=[{&(0x7f0000000840)="2cb13cbc11b45ea6e1c6ea1d46eb11be52eff2af60cfd8839f7b6442eb13ebe402f92f36166d87f502c3949f12155b19d024e6ef2aff23526e3f84d8f50e6db73a808f7b43048ee4207171ca1c323900b1097589bd7c35b92374ddbcddc253cbd17f8bf58b3cc3af6725c071bc661675ff4c775697ec998ec757eeca3514ac217de69ccf13e332388ec5fd45b0f139b74e94253b0c984f7b06fb09b8906df3bb79ee18df990267f9a510f1", 0xab}, {&(0x7f0000000900)="31b9122c2eeaad4513b863ca3b80f82acf704c183c7b42117f5af737a27bf9d480fec7969d7ecf685bc3b4b2318671f16a51ae90eada49207329ecee47331fbdc4c84c408e86557234f854d63d90ff8a88175739062eedc6e09aab63ad86cb16383b6cb46f1ebac49f422991b58f98692450bde797b0b634845ade70980674c8e59acb3ca36a25d0b559d766561ff53aa6e39eb29739eb6d82", 0x99}, {&(0x7f00000009c0)="2195e73fe11ee2f83c1672a005e42940e23c5047cc907af118a7e83f6eb85b5844ab29082ede4f0cec0a267a7e46a2562e600e9657986a215909727a329aa364f6d597259235fe1f40164772f496900af597c024a61147333a76959e41e73ba33e4d693cbcd76c383c4c1027e246a885ab4042a6dbe7b107e6a7f4c1f6c12a5a696446a0822ae6b92e4022c119d2da6a9a6d9cff04882103a3f40f28a63006f36527ff0114ee2c9e391ca5e98411de0534f750d62ed63f0e76", 0xb9}, {&(0x7f0000000a80)="c65e82d86b5c68649cc21083935a4546dccc154018f28d6058767c3bbf63d09488277e604901fafab136df0dfdffbdf73ebf07542ef38256f2df77c475334fa2b3330cb1c7181650e216e5e4734bdee2064975a257cbc916ea0ed01eb54dcad047e6aa135d282861051e806ca07876c0c30e34bf9b2fbe14ec31d87e420377ad6f80", 0x82}, {&(0x7f0000000b40)="407669b028bc5110830896cca1d9283cece404ddcdb58d9a841bd656140702d512caf924581abcbdf7f3ca58655b19601b10bc078d57f72ec789d3d6496c69f768a7591cdb33295d7e938e50be1819249e79f2c200118389422455faa797d7b04a5fd5b6531c463eaf8c5fa3ad2b0fabf694f2bc8ddc457dd31e0de22921d03f0f91819041026df92431b13a2928bd58648738d5e9db4dffd56cc4a1d403b8bc11c60d5e200d1aba8ecb2b573cd9afe6baf2644c60c7cae7461f30202bad4e874eb1471e3f20064bcba5839b080a4941c6a39e683a4fec126011bf7cb2ad222823e1015257c33f3c6f126a1371785fa3f5924cb1c3", 0xf5}, {&(0x7f0000000c40)="57adfb1ba17ecdc610f8a4afb76d7be968d42c0746e76156ea7b1c4d", 0x1c}], 0x6, &(0x7f0000000d00)}}, {{&(0x7f0000000d40)={0xa, 0x4e24, 0xd3, @local, 0x6}, 0x1c, &(0x7f0000002340)=[{&(0x7f0000000d80)="968a9e493364a5376183b3bea0c489233e9b579a44025541071a79a09ac905fffff186fc8c33cff9c628f3220fefbcc40c28c120529ad1b418eb8ab28d6e716f05e7fe8757bdd44ece46df516a5d143250ca29c618918dfa01538aafcd1081b66c684148e914eee52872648491229f050962bca2098d229786977b3f9e265910cb968023b00ec9b7725c5e303fd6e5bb065278fe01e68d30a441ff30e246d725e01d5d4e96f2e94d6ce21ee076a6aa2b3f6179bee34758a7ee8b92f3c515b5833978ce9283a20d039a9191d1c2619df0438391d10217d94eecbb22f6adc14966eb83277ce2af380b876013f8ae796c3b5e3332334e9f68def7d46ff2b3c6863a16d4f3dd7a3f6edd6c076592b11266865fb40a0be9acdb66fa70b87359cf829d0f7073d5dd477903b18825b195da3f6faf27add80d103b66c568021b5ffbd3c1a2d9dd4ebbd6b5a70a2df38d879f396b935d02bb444eb19ea633a2f8b1856ed13ade2121f5e01b61d14ac0f4a635b7dad2489c6ba668a87c36e68b7da8309b92c70974402c4cb278912e2f53f0e8852ec71fb3c762609b295a20886ddb356ad878942fbe7bd4059a12ce63cf6ff1d759b52220ca47ba239b87950adc39da2de201283cc6beb8b31c48c28f4aafd6dcc3e25a85e94c126e385bd76a40b87c53013ca34b5bb949370a6e1769717efb7290852aa32dc7ad54bca6906b5d3a751d0ba498831f45aeb0285ba981921ad6a7888d6d98331aea52d8f1dd7fc535a7a4b33822b922284059d7819cee853a6ac8274dc7ddeebf451ca60af870860880565cbcfe0201620901c56016c4fdd9832799e4619fcff2c8fbd5628a81ddcbacf9cff532a6361fe98613225af142bd3aa8ac6d917965234a22227c4bea5abdac35b6cb5944289e76616fa529099a6c64f5a8ba8929c7dafd00cb641ce0bcc261588b16c5a60a8436ae69703a71f2cbf068bba2a15b484f09cf06ee9d7d31e0f0a844c1f66b09df369f4b0eec199cffd8df3745becb4653e15039b4c4012d7008e7a759627d36f716c9e194b907a9179e385a53b5a14c414679db4c6d474bb7552053ade378391fb1fbc19ec570e104e5a15d6c1d5766669e569fb3ed9d47a7d05ae1005b001bd527eeec6982af4126d298e836c9f4bc39018f4592a3929c4683d0b3aa7443c09df850a3071ef01f0075bcb490ef3150a1cbe8f89acf0877c35fbe3d6ed83f1a0f60a667dcc81c33f032335883ff3e90e2fb4f8083dbce4b1240d8b81ce06756ad9c4dd3aaa1fc8035fd1be5de79315239d9dc27d7a84568964026978198d7e49d8fa50af857a9685cfbccebe91980eb5935d5559c1233227739c2a39ac3c251286a6aa051ae91246798cb7a8d5d62117287b3d532996ac2cc9a6aa741bafef8920659e268e317f216f637afc70d2adf96924023011d27e3df8177b1ef83731c2146e18caab03db63d8fafd675ceaec0f4424d8256a9a2a9bb32c7a386a9e3151f19ba9f6143374c1e83933c3b86444d2d446049c3d4c367be7ad4d58b8124ad06710cfd5cfb141098b91356de4ea20b6ef2b5f733727b2a941d80604c130e77ff52f343a21c62234e6be84bab060b5904613897455c8d52db95e56b7b3d2266d13bd2d01d726008b5da672680facf279cc94358cc1a2704018b5ad7e3e07b945b3a9f3c3d9ba61eecbed90af82168c9ad986508957a35751555cac21e8f4fa0d4e048f8af8e54f05d20e62f351429e69b4b8de7ec3c094fd09c4e96d3d2860087d4f758ff3b34d627c24324306a81d8f692d1bdfe49a0da536e814e746d18ae1644fbb05e720ff3d4473d19534bcbc326f04dcf2927e11da7e5d471cce0d78df6948e5b6e7045a1829b690d6152ef37f66f536f636371a855062bed9fb8bc3c63f625f503cb7eda06f7d5288b2dce66f3804d596ba446cc66b90cc1395688c1bd69b454bda4537f0f367aed7ea47a741555f1a7303f6309f4a84ce9a7ab22e181f24ea219f49eb425747d1c356ff95c6760816474af0ea78b868e119bc4ba6d20ed6c4a76bc392779bd3feac614301c5f44333a0c46136a7eabfc47e2383b7729530041d0b1ae25a849ad4ec25c20329b2460ccd37dd9673036d803109d6ad682e91e3788e8bc3e4dec812d100524c0da64fbce0145a4cb174d59c5bd074f1f689b9dca15a8b1fcd5205a6a68f55872e4eb9a98c29195862c96ead8dd169cf32e91919e7dbb4c49b5726061cf2ff24a15aa6ac0f5d833123bec42aac85f4a813e5051bb527b55889f8db5f2fbc99852cea41a27122bae5d5c7da8c4abff4aefadd40cf709a85b845b158f828fe7177c040aeb0afd5f4e0fb1d7d9009662b9998ed0f553eb688c828d88e5886fecf84f25e13c1276dd5c5c2efa49099e591c00cd745ede6089c0a6609edc6c5f3dd02860d5e4a0bcf1e7ce44fa1e8cfed58c306e5387d5566f6a61d567f6a74eee9140d962ea459d5e0489bb8eb4288be4c2f26e6ef57d3e34858f41975c59fde0c4069fc541eb52afedbecaa7c3650d8b997ffa7aa1396aa7649089f05852e625d1fcb8cda432444a1ec751a0e279fab8962d522de34a261781f2a613c61fec06fc383fbb787dda860b1ce5040933335630791f0c0369fc2aaf5ad47f117315493840140f0e5004f255a9f720dc2a601378ae97ca54799a211e82a49a97fb1076c270e0faa4361febc502692f875c6367750e1093655a7b4200d0ab1be53b528699b009e23f59b65d11e288b87685412c285c464bd740def5b762530422d5366dc010801bcdca82a65527606d5f16c3e7ff8d911429a2451071f705bfe89c307949a18660fab815ba795e0922509e5370d013322804043a3b132afe38abe99884402a52efd36a2d4ddb1115d0a8f71db84de5f30c10b7a88cd7677b0a928a793ea8f8c42db5ad7f7e11e33b85383b8a229cfb4fb80f75e4f270c610ffeea4d51bea3252b3fab7c8007eb2297f16d7bc57dd7f215df3006697c5580867311a3957160bde1adb04afa0f5c7a82d44ce7b6569a0dcb1da23f8b6ee2bca528b4420b8855d9a3263160a2fa84a198f727412ac6af101719821f26b347b75c990568b55b18ab87a535b33af543cbceec5ad9a9c08d8015a9d92d40ce5b0703dab714fd97ff7006172e96b8c5213dffcc8cdd4805c6de48d12d773de2ab13deff0eefdda6303977d1f2702931f23cfdfbf7ffeea13d8717bb3e621a13c06e6efaac08a4cc0f6f56f3b7be19698422447414943b4840d9fb1ce33f3eef43caff23c0834eee0aebad8adcca98f5b1b6299969160056e174c4b030b1de9dfe64a322d87291c62765d3afeacd4e97c2b54c5287989980d58a0473138eb4e8fc04985d914b7815e7c45634946b054558f00cccc3ea5d2d711867f5446ab13317fb700802af34c61216e80e41e6e177e40cbaccb86fcb6e6d88b7e7c892e8c224e5de0ae5f7b0ee4a9ad7aef72a8fd881a7f7ffdc3acbbcfd096bbe45085e30929bbce61dbf7d3dd1ce80faba2852ab5dcd14c680b85c88816c255da0d0b890ff7ad76f8d94497f13c6788c432c339e094e1c44b535672e97497fdd89b6a0263cb3eb51a1205989b1cbab1d46a433284c4bf5c74ebecb2a90741ccaf197098f9ec46461d78b704c405296d7c51da491554aa0f0800f0347b72c2e47bf2dc1a8760da4a36c70baaa7f577470418c69648e9099ad080f8f92f959f623e39e8e7137a6300afc0fec9c3604873b15e85c65fa590f27df7cc05665288551af1d287bcd1999257467d4ecb9b3f3b2dd4c4bdf66d05f03b0a4c9048b1da7df6c811dede8e3fba51a1a1e7e8388b8535448aac3e4bce74b76bb7588d0607a07a550a6e569182b099361bc2c6adeb71bf93f17baab256ff9cdc406074bacec232a45974567f2e5d9188c30b252349256ce53cb3d4288620eb0a85af88f3aeffaab69df7b4565e711ad7a808fca1eeea580c4abe3f20b90462b5af0e709d775843a97629e3f4026acec3c56baaa969b4b51aa6c3acd8e90f14f1f81371a9923b44ef2f05fa52439afe06da533812f0e20c7d86fc3e573f9ac934b21e8219702b2d25b9029c2fd8b35a5bcdb9ef2404dade20cf812937c2a549f37582d7621216a7a54d79030e98ccfab2e5adb3212b3521c3812ea31e6b3024b74ceb6517e642474abda4a441a032776527af07a5ebd92acab18d0a33546733da39ae3f897fbcbd21921a6c87d1a8886fec16d5d26950e72aaa60fd565e4fef3f08f2d44d2c3fb86ba722fb62b2d62a9029a281e23bb2e0a1bbd7b4222cfae38e3fa9e3b0a1c5af9a715e023209358067196a59366d9d7253b4261233d55b35c79278d8935dd23bdeef54e7fbee1ae059888c2a58ac22fbc8d42c05b5406b75538b4d826cff43c1c1a4b5bb5a4fe1e85989ea50d932566e07281099db168fee5478c4c8cf0fc87d7680eac77c0c5aaccfcc4e3b3cca459571573dc75c8b4d9e470d76c031f1b3f44fb9c96e707edf1d00f7398800cf8e6781ee62cead1ea0cceae6601f7606a628fede098e7e69a1f82f61f3e0dd5eeb5a0de0068daddb71b3705f5744a6082a1213b1c5076e33032731a4fd0e88fd311b43e8f1c0fc794e9f547453685e288342bab2663197e9b6956c8dd48d138859137c289e900052eee1772071535b60317bf17f9966f3dc7e9b857528e26e35d7093947b0aad0a7c0a137c0a77060d7e7f37dc10ab794e46e9251895925c4051c662c5a9a063efa8bf720bafc46f91adfc6543c2aac3413d2f4395eb170cb916b29fe7479de417a3bec6d0812ddfed9dd0d0cffdd66f74d3166975c7565b6ba68d4c735bf0b80816e0f5bdd3debb2950eee0b9a3b32cac65a1163b2b81f2ae6a7cd9a1265a1577f93d1161469e31a3c147d9786e9b511481ca6a73e1e7210581224aefb1c60ce1832d5aa4ee40c51088c1014107d35666036cc80294f7c4881e64ae295dbfcc9137cf69cb47b5f209fa4d668bdeb0058c974018402277493934947c3e855849dc80d6de158f3eb7455cfa4d120ccdf3132ca53082628173f348bfb2c7f89ccba5b1059d533b5b1612bf3f89c54b3387c782f2f8d4d957ad9b1be129dddbf6016e3d3ae9b435ea65204bd880d4f55fcb815251b21c23bdf81abfb80822cf14dd82ff66033e34262129040059b5d76ace877fba206d861484a9c4c30c13211103c5383f8f80f3509c289f546c41b1dbaf99b61c897e8089597d590d6c238a0f073363bad9cb135241f6ea8687250cdbff13967ec5a0165421671aa1ba6a720c5cca037701f6b06ed82d9d689a499c2996d28c502a2f88921d6969efd6752d7d9c1b3ff7ddaf6ea806dfb753504ab034b7ba9317deed63c7b2eaf0626c5cb8b991ef8965ee8e4219e7b3abc4826cc77d3ed3ec03dcfd539d04a5fb0dd84d8ae7abaa2e63ab3", 0xf00}, {&(0x7f0000001d80)="d9d76fc5ed020d14daf16e666402dbb34f05b4293387ef500b7cb520f6793263dd5369b0f4cb8e6c7926cc9c87cc554a87eba5b7601a88ac1f573a5b982e5b45c7fe50ea5a7d8a108919fbffc364aa55cbcaae546c8ae84d403ab1a0af8c0d26dc8be137ce008383bf83d8a680f8272274dd452ca6b12b008ac8598018e0f986fecb67fd70f75ada71da", 0x8a}, {&(0x7f0000001e40)="be73b1adabf81e11053abd04faa698178735ce2cad57b594469d3172b9db1e9edf7da4cf09e7757b114600"/69, 0x45}, {&(0x7f0000001ec0)="3894f7d8dbc8611565b635820f7c3b6116293e9332fbd549f799d0c8625ed345cd744d3e19abbfa9a4f4da0bcd16030406db9a6eb122b66315d4b82077d5d717c5dbcec7da6e485c4e8348aec53ab8d436d36afa3dfaa3f733f56012e4792f7c8065ad640f85b481a86ad1844434cb84d8ee76eadf940930d1fea6a577dbd4c209f745b36f54ae5e2e33c9bf12695a46f282e80cc47caf73f2cabcba24c3c1c5e2b1354ed8087d8737ebc98068560a30b50974cd030894f0e9512832160618a9504da9826777dd465b55b364d498f83aa4ea6414cf767db81dff481d2c71dd7e0b99", 0xe2}, {&(0x7f0000002580)="6831d9f619d45c9031160ad3d489f5516c785212fcad7436becfd1db37d32372ff276339e825f3ad2ccf35c60d983d0250d5af37656cbf19b559289025646ab907f142275cb5c447187a5753e6884b45e778547b619cc5b96bd566a84af776a6d3029647518b9da5216d7a9c677be98c3e9eda7262ea5d78d6832221919d7975858dfbb18bada33f8226defd1e47e8044d22bbd9db615ee3af770db11eda97488054dbb0a58b333eb87645de67785906040d9796a816d1d79db21a203a8bd5b3a27778fd939ae107e92b8b8ca89f1d183b3681730a56dea276c17e6e7e79e362e874d7d9ae0b8096fcca8b4956249015d2dc297a76c89af7d8e05f94aec9d1abc3beab25997526723a6df97104caf9003ee7546e35f06ea5b2ac27cd287cd5619ce156ef68477dbac8c20d7a469d6d6826fcdd8fcc94663c70821dbc41331ef492c44a5cca570a18df553a4221574f439286b5e0ba25", 0x156}, {&(0x7f0000002080)="bd125cd87d153cc9d7cf1dd23621d5b8b13ae183cf743c9ce235438e65c1e472", 0x20}, {&(0x7f0000002140)="5e524fd284594b99fa79db342eca2bb6a8aec42644e5d6ea95d0ebcc3ed56f831192e360a823606bf763504cb9acc0a8ac9939e5b548f7515c1de88601a7eb9d521f4145c57bf310a839f72c24b0854629741b76dde90bc363d259ed04a50e944057b2ed530491a7e4fadab338994c6025d0754ace849582530f0213c7f4534a5c6094c3f7c6afb3e62e75e6b37de94b8d8cbab5ad3592ca7d5052ed548eb29de5ada56a3206358290490a2c11d3b6a03dcb5f65dba61e06688c89535038f302b43ae1cff638b4ae06b7e9f1a48f132f4c", 0xd1}, {&(0x7f0000002240)="f1d5900257c36a8d791446172cc56975ba6f34e76d6ff7050bfeef1b75e318d481fe0097c029228f37de327916cd2015ca9af608aced8dd1aaa1625be3c36eab74cc117ff4dd7e17d5381026a26d9f3b894e6a68e406e2bfd498e0096019c623a88823d42dcac546ad684c026bbfac61ccadec4eff90d57b7593a48bb998d877a084dff7cafd00e858699b7342d916d230b610fe2922cab3a6d143a8879c8a69fd67feb033dcc9bfb0cbded8668cf6e04a479a287c6a1bdadb95a2480c1872284c79", 0xc2}], 0x8}}, {{0x0, 0x0, &(0x7f0000002900)=[{&(0x7f0000000280)="765758822caabb99498fd9d49efcbc8ff35b4aff3cdc11cc692b3d86f727d16184b25bab68f5614afb5a32a98e4ca65b44dd195525e22538384f89a9b760487f367c39d7f28a0ff8b7c5a0082eeb625f811866ed58", 0x55}, {&(0x7f0000000380)="985c1a34b8a564dfe3a5d04d540bf67bf9081144b8e90e7b45ff611bc0868afc65e955f1e523881b9762485d075f63b3d868cf1c3840610e5500ad12125b94abb0d6347091ee7badef7939b93c301ab4a0017a82dc9e2fd088d3b0c6c1503aa46d48e70abf625d25c7d9886f15abd8bcadd860006eb75489ef4824b28e34a14e78e989fb6cd72c2fce524bbc3fd5539498786a52abec776027679d427a622e607cb7ba97126ee4d960d9226935e260699dc7731e56815f9142baf04409e16849", 0xc0}, {&(0x7f0000000200)="a110da621d777d03e6f35ffcc30c69", 0xf}, {&(0x7f0000001c80)="a4b2661358028725dbc8f3f6c56ba0ad66d6c50d17d336bd4fb6153fe3c04da5cdef8ea6f6da68ac43751c9d60bc8133789f13cdc3437ed31151334097e1d4bdf4806f8b2714ead2d81b0d4a42886620688e9aaf84b8d7619fed02566ced62897bcb9eec6e00fa78289aef898b0a479535d4fbf05de9d99e9f0334c8c9116af204f8d28b91f0fa38aaae939803e9ee5ab64c3a501fd07b510ba75e35831ac3333ad926c0bfb169cea959a18e589b1fab9350c9b0628291ac00396b47", 0xbc}, {&(0x7f0000001fc0)="4fdb0c1c9d7305f7e30dfdcf6af9144ca99b54bedee12f604ff5a8cbcde4deb674a23b783f9d49a586f123948892593869b34bb79c5a99457f4b02bf99b1c29556f194876b4b10cbcfa6164bfcac7161a72ba00d44d68797b59cb750fedfa06a5967efb1cb1e61659de6b0cfe6bd70e757", 0x71}, {&(0x7f00000020c0)="e5ff79061268ddbeac76345a7def08926e17c27f5ae5ddbb5e7e1dd8fb8f550521e7d27ce0342316677dec16b2c6c3d277c8d9ddba87d82652e015a4c3d2fa021a2645f384872052b429943932f7955514564b42bc455f9b90e3fdc90f56e3db785cdf4405", 0x65}, {&(0x7f0000002700)="9ba947a2d86832923ab23a9101db070c488a7500e7bb557088081db8c8325d32095e75d35f0da1a6ca5d7495ed41abea417ceab85fcb88fb96d72d4227fec19ed0e47cf1ead86cdd928ea7f1b089991613b4ee9d18d2c70251c80c5e515eaed06ce892c8efbd3d3affc00d287a209a7ba923ac2f6c832062dab6074fa0233baec467fe1d4d1e8cc875e21802fae3fc3308b876b2d93d41508aee889747fe504d975adcc668b70165", 0xa8}, {&(0x7f00000027c0)="82e77bb24aeebb174534df0c7f1072feb5df56a9ea247693da7daef5695d246ef857a82819dcd31d997d898bd1e94afe972c719c170a122dbb72b260a1f8f48ef236f9", 0x43}, {&(0x7f0000002840)="70abc7b1d20b621957d41e530d789f3372b7babe90c56f038c47b21d203b70ea230f680b6702e116f2899c30efde5e7936edff7cb35a42df880395e06321e7bd13a50a0933099203b4371234f07573b353e7dcbd589d138d87d165ecd69159a1bad3d6a73713bdfc6309f9fc57e8cf992e7822d8f2f888c20231db07ab003c2907083e5b4087ed9c8252b928b38ce2f4d094fc0a79a0bed6dfaeeb5c9ef2a5a8d9b3a7b9a2dd6aa9a44267f7a3aec918e66f", 0xb2}], 0x9, &(0x7f0000000d00)=[@hoplimit={{0x14, 0x29, 0x34, 0x10001}}], 0x18}}, {{&(0x7f0000001d40)={0xa, 0x4e20, 0x2, @remote, 0x2}, 0x1c, &(0x7f0000002040)=[{&(0x7f00000029c0)="6778ca203dcd5cf6a2a69696d83a061dbb393fe5bb23940ef927f87c3e76016d3a56f04baf9c7ddc4183d57afa852b961846a071fba15b13b85034e6cb29b7b964797adbd72f0431c9d61e504ab2491396e756d50827e74037a2edd63ac22ecf397aaaf0cf44230916303f8edab1d176b57568257b881d01b5d611524dd8029e891de84ef6f357938c0657b01cf732a034166f6dcbd794137e2d03e95dac3fd9c94e6f37f40bd5046430590f2e5fde2e638190e0bbfa0d64dd099b9edb684cfde6514b11173ffbd39d", 0xc9}, {&(0x7f0000002ac0)="89f4c8927536960421d5e91e3dc38a25ca9e80257f70f95196f2f191b9c27e068488bd1c17074afa31e56d373bffc172b98203b7ee6e5ecce295e36865e46ea9e1bef1582b412fd270def097a5660e95b4265992e6311b57e7b607904201e06e2f17b342bdc44578e2f79bce29d8deb141633d2dfc381ce4f4e21c0d5ea70c4b2c0009c43975ec7891b785ae1bed4db12bc8603f7cf30bc5cd5fcf0f5914760b70b74bb9a023c4a988fcb5c02020436d494d643218ad6af718b282c1bf6747bc1afeaa0d00a275bc6d4a01cf32bf790e6bda87f81037a2b720e8f8cf8369", 0xde}, {&(0x7f0000002bc0)="681342bbe041f8d325fab462dd66470eaa123870420a94759b5d2e4c9a1d40a9e49c568fea0682244b307147502145bb464c66a603be676a0eac7b78de7e5efb72d594e27cd3024b924ad96053f0f7295c", 0x51}], 0x3, &(0x7f0000002f00)=[@tclass={{0x14, 0x29, 0x43, 0x5}}, @hopopts={{0x20, 0x29, 0x36, {0x2b, 0x0, '\x00', [@jumbo={0xc2, 0x4, 0x3d7}]}}}, @tclass={{0x14, 0x29, 0x43, 0xcfb}}, @pktinfo={{0x24, 0x29, 0x32, {@empty}}}, @dontfrag={{0x14}}, @flowinfo={{0x14, 0x29, 0xb, 0xd}}], 0xa8}}], 0x5, 0x24000809)
madvise(&(0x7f000023f000/0x2000)=nil, 0x2000, 0x13)
setsockopt(r8, 0x84, 0x7f, &(0x7f0000000040)="020000000d80ffff", 0x8)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r7, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000000240)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_SET_LAPIC(r7, 0x4400ae8f, &(0x7f0000000440)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e38e06c5fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b53606000000000000007c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df1001000000000694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde317fad4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d4bf6b21224b57f530d0000c1ff53bf79a1f5c5dc34cf2645cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6424923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f580968af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff0000f5620000003d4e185afe28a774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a80047fe17dee6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb010100000000000001a047526865c888c9ff36056cc4ad258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe656c9c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d819164300"})
ioctl$KVM_RUN(r7, 0xae80, 0x0)
sched_setattr(0x0, 0x0, 0x0)
listen(r0, 0x9)
getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(0xffffffffffffffff, 0x84, 0x72, &(0x7f0000000100)={0x0, 0x9}, &(0x7f0000000140)=0xc)

11.88604564s ago: executing program 0 (id=987):
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000040)=ANY=[@ANYBLOB="1201000003005740ed0b0011c3ec000000010902120001000000000904"], 0x0)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x0, 0x4)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$vim2m_VIDIOC_TRY_FMT(0xffffffffffffffff, 0xc0d05640, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r3, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
sendmsg(r2, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
r4 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$IP_VS_SO_SET_ADD(r4, 0x0, 0x482, &(0x7f0000000040)={0x84, @broadcast, 0x12, 0x2, 'fo\x00', 0x20, 0x4, 0x3c}, 0x2c)
setsockopt$IP_VS_SO_SET_ADDDEST(r4, 0x0, 0x487, &(0x7f0000000000)={{0x84, @loopback, 0x4e21, 0x3, 'lblcr\x00', 0x0, 0x81, 0x3a}, {@rand_addr=0x64010105, 0x4e25, 0x0, 0xc3, 0xfffffff8, 0x12d5c}}, 0x44)
r5 = socket$kcm(0xa, 0x2, 0x0)
r6 = socket(0x2, 0x80805, 0x0)
setsockopt$IP_VS_SO_SET_ADDDEST(r6, 0x0, 0x487, &(0x7f0000000000)={{0x84, @private=0xa010102, 0x4e21, 0x3, 'lc\x00', 0x5, 0x8, 0x77}, {@remote, 0x4e20, 0x1, 0xcd}}, 0x44)
sendmsg$sock(r5, &(0x7f0000000400)={&(0x7f0000000140)=@in6={0x2, 0x4e22, 0x0, @dev}, 0x80, 0x0, 0x0, &(0x7f0000000000)=[@mark={{0x14, 0x1, 0x24, 0x3}}], 0x18}, 0x0)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r7, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x2000001, 0x12, r8, 0x0)
r9 = socket$can_raw(0x1d, 0x3, 0x1)
setsockopt$CAN_RAW_ERR_FILTER(r9, 0x65, 0x7, &(0x7f00000001c0)=0x8, 0x4)
sendmsg$NFT_BATCH(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a4c000000060a0b04000000000000000082007c071c420480140001800c0001006e6f747261aec400040002800900010073797a30000000000900020073797a3200000000050007400c000000140000001100010000000000000000000000000af660b0c7e6c11a021ad214d4a5fe9e03000000fd9d70e3452e991ef59e812727b000defd0782f62184ee370881817051c650b2cd99fa700cabe16d72b2c7"], 0x74}}, 0x800)
syz_usb_control_io(r0, 0x0, &(0x7f00000010c0)={0x44, &(0x7f0000000080)=ANY=[@ANYBLOB="00000100000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

11.274934794s ago: executing program 4 (id=989):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
sched_setattr(0x0, 0x0, 0x0)
listxattr(0x0, &(0x7f0000000540)=""/212, 0xd4)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20042, 0x0)
r2 = bpf$TOKEN_CREATE(0x24, &(0x7f0000000140), 0x8)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000040)={&(0x7f0000000940)=ANY=[@ANYBLOB="9feb01001800000000000000ac000000ac000000090000000600000000000008000000000400000004000006040000000f0000000700000004000000b50b000009000000040000000a000000000000000500000004000005090000000f00000003000000120a00000c00000002000000010000000c0000000300000001000000080000000400000000000000030000000000000200000000000000000100000d0000000001000000020000000f000000000000100c0000000b0000000000000c04000000005f2e306100616100dd0adf93df3ff8667352b3be363bba82a3f9dbdd999e542007535a769594a0247235e825604abf46a34ee5186c8bfc49f19d6b48ae8329104bfd8f91a2dd7ff2844e2c3876c564d4d9a3b1b0c5b0e6cf"], &(0x7f0000000840)=""/228, 0xcd, 0xe4, 0x1, 0x7f, 0x10000, @value=r2}, 0x28)
ioctl$KVM_IOEVENTFD(0xffffffffffffffff, 0x4040ae79, &(0x7f0000000240)={0x1, 0xffff0fff, 0x1, 0xffffffffffffffff, 0x1})
ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(0xffffffffffffffff, 0x80045530, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x40}, 0x0)
sendmsg$NFT_BATCH(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000680)=ANY=[@ANYBLOB="14000000100001000000000000b890c1a000000a80000000160a01030000000000000000020000000900020073797a30000000000900010073797a30000000005400038008000240000000000800014000000000400003801400010076657468315f746f5f6272696467650014000100776732000000000000000000000000001400010076657468305f746f5f7465616d00"], 0xa8}}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000240)=@newlink={0x48, 0x10, 0xffffffffffffffff, 0x70bd27, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, 0x50a32, 0x23}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x18, 0x2, 0x0, 0x1, [@IFLA_BR_GROUP_FWD_MASK={0x6}, @IFLA_BR_GROUP_ADDR={0xa, 0x14, @random="15714bc789a3"}]}}}]}, 0x48}, 0x1, 0x0, 0x0, 0x1}, 0x4008000)
r4 = mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x1000002, 0x13, 0xffffffffffffffff, 0x0)
r5 = userfaultfd(0x80801)
ioctl$UFFDIO_API(r5, 0xc018aa3f, &(0x7f00000000c0))
ioctl$UFFDIO_REGISTER(r5, 0xc020aa00, &(0x7f0000000240)={{&(0x7f0000ffa000/0x3000)=nil, 0x3000}, 0x1})
syz_memcpy_off$KVM_EXIT_HYPERCALL(r4, 0x20, &(0x7f0000000000)="0900bf65653f47f4020000008bd458d1e7cbdaf300000f34e7e4165f081ae36850f6d15c3e681411f7a496c0da04003c242f5bedaf6bec340dee49474362b24cb800edc500", 0x0, 0x48)
statx(0xffffffffffffffff, &(0x7f00000001c0)='./file0\x00', 0x100, 0x94, 0x0)
syz_memcpy_off$KVM_EXIT_MMIO(r4, 0x20, &(0x7f0000000080)="3c9c7f3ca6ed7fadd9c2da32b98ae7d4f05cbccca68099fc", 0x0, 0x18)
ioctl$UFFDIO_WAKE(r5, 0x8010aa02, &(0x7f0000000280)={&(0x7f0000fff000/0x1000)=nil, 0x1000})

8.388360341s ago: executing program 0 (id=991):
unshare(0x6a040000)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
ioctl$ifreq_SIOCGIFINDEX_wireguard(0xffffffffffffffff, 0x8933, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket(0x10, 0x803, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000002240)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
bind$alg(r0, &(0x7f0000002280)={0x26, 'skcipher\x00', 0x0, 0x0, 'ctr-camellia-asm\x00'}, 0x58)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r5 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r5, 0x10e, 0xc, &(0x7f0000000280)={0xffffffff}, 0x10)
sendmsg$nl_generic(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=ANY=[@ANYBLOB="14ed0000a89ae2bd000068050000000000000000"], 0x14}}, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
fsetxattr$security_capability(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x3)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$devlink(&(0x7f0000000400), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_GET(r6, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000200)={0x1c, r7, 0x301, 0x0, 0x0, {0x34}, [@DEVLINK_ATTR_PORT_INDEX={0x8, 0x3, 0x4}]}, 0x1c}}, 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(0xffffffffffffffff, 0x40a85323, &(0x7f0000000380)={{0x3, 0x81}, 'port0\x00', 0x41, 0x20010, 0x2, 0x1ff, 0x8000, 0xfffffffe, 0x8, 0x0, 0x4, 0xf4})
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
syz_open_dev$video4linux(&(0x7f0000000c80), 0x7, 0xc82)
modify_ldt$read(0x0, 0x0, 0x0)

7.792734631s ago: executing program 4 (id=993):
socket$nl_netfilter(0x10, 0x3, 0xc) (async)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r1, 0x3b81, &(0x7f00000011c0)={0xc, 0x0, <r2=>0x0})
ioctl$IOMMU_IOAS_ALLOW_IOVAS(r1, 0x3b82, &(0x7f00000000c0)={0x18, r2, 0x2, 0x0, &(0x7f0000000280)=[{0x7fff, 0xffffffffffffffff}, {0x0, 0x1542}]})
socket$key(0xf, 0x3, 0x2)
ioctl$IOMMU_IOAS_MAP$PAGES(r1, 0x3b85, &(0x7f0000000000)={0x28, 0x2, r2, 0x0, &(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x1})
sendmsg$NFULNL_MSG_CONFIG(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=ANY=[@ANYBLOB="1c000000010485c300000000000000020a0000010508010002000000"], 0x1c}, 0x1, 0x0, 0x0, 0x1}, 0x20000800) (async)
sendmsg$NFULNL_MSG_CONFIG(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=ANY=[@ANYBLOB="1c000000010485c300000000000000020a0000010508010002000000"], 0x1c}, 0x1, 0x0, 0x0, 0x1}, 0x20000800)

7.149939175s ago: executing program 4 (id=994):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000840), 0xffffffffffffffff)
socket$netlink(0x10, 0x3, 0xe)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
r3 = syz_open_procfs(0x0, &(0x7f00000005c0)='smaps_rollup\x00')
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = syz_io_uring_setup(0x18d6, &(0x7f0000000040)={0x0, 0x1, 0x0, 0x1, 0x401a, 0x0, r3}, &(0x7f0000000500)=<r5=>0x0, &(0x7f0000ffe000))
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000240)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
openat$iommufd(0xffffffffffffff9c, &(0x7f00000004c0), 0x101080, 0x0)
sendmmsg$unix(r7, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x5, 0x0, 0x3, 0x0, 0xb49, 0x9, 0x8, 0x2, 0x3}, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000380)={'wlan1\x00', <r8=>0x0})
sendmsg$NL80211_CMD_GET_FTM_RESPONDER_STATS(r3, &(0x7f0000000540)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000400)={&(0x7f00000003c0)={0x28, 0x0, 0x300, 0x70bd27, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r8}, @val={0xc, 0x99, {0x9, 0x59}}}}, ["", "", "", "", "", "", ""]}, 0x28}}, 0x24000)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, &(0x7f0000000300)={'syz_tun\x00', &(0x7f0000000600)=@ethtool_eeprom={0x43, 0x1d2, 0x8000, 0xba, "98d38a5e3f3fffee4214ce01ece7578f23fd5022f7209a7e449d8580de439d1a285450817c90576abb4f4b54eb727299efc6e330672a6ebcd352e6266427a70307754c3b2cf55b7358b671f798214cff305550a011fcfee889e602744cf063aee13b9ab477696f4353a30cf9d17335570168d0a96428b802be61807ff0d3b5ee802e0377e8863b5d5d393a744b67161654451f01f042dcfce899a147a743ae88c054072102de04d0869c921381e18a246da45a0c5ddb6fb54431"}})
io_uring_register$IORING_REGISTER_IOWQ_MAX_WORKERS(r4, 0x2, &(0x7f0000000180), 0xfe)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x2, 0x6, &(0x7f0000000340)=ANY=[@ANYRES16=r5], &(0x7f00000001c0)='syzkaller\x00', 0x8, 0x2e, &(0x7f0000000200)=""/46, 0x40f00, 0x12, '\x00', 0x0, @fallback=0x24, r3, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, r3, 0x0, &(0x7f00000002c0)=[r3, 0xffffffffffffffff, r3, r3, r3, r3, r3], 0x0, 0x10, 0x4}, 0x94)
ioctl$BTRFS_IOC_LOGICAL_INO(r9, 0xc0389424, &(0x7f0000000480)={0x1, 0x10, '\x00', 0x0, &(0x7f0000000440)=[0x0, 0x0]})
setsockopt$IPT_SO_SET_REPLACE(r3, 0x4000000000000, 0x40, &(0x7f0000000880)=@raw={'raw\x00', 0x4001, 0x3, 0x2b8, 0x180, 0xa, 0x148, 0x0, 0x148, 0x220, 0x240, 0x240, 0x220, 0x240, 0x7fffffe, 0x0, {[{{@ip={@rand_addr, @local, 0xffffff00, 0x0, '\x00', 'veth1_to_batadv\x00', {}, {}, 0x21}, 0x0, 0x118, 0x180, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'lo\x00', {0x0, 0x0, 0x1ff, 0x0, 0x0, 0xed, 0x7, 0x78}}}, @common=@inet=@multiport={{0x50}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, '\x00', 'syz1\x00'}}}, {{@uncond, 0x0, 0x70, 0xa0}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x318)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
sendmsg$NFT_BATCH(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=ANY=[@ANYRES64=r7], 0x74}}, 0x28080)
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$ETHTOOL_MSG_LINKSTATE_GET(r2, 0x0, 0x90)
r10 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, r10, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000040)=[@textreal={0x8, &(0x7f00000007c0)="2e0f09b89b078ed80f20e06635000001000f22e0f731260f01ba15ff65660f3882653ebaf80c66b80272ca8066efbafc0ced26f20f7c6f450f78d3660f38824d00", 0x41}], 0x1, 0x40, 0x0, 0x0)
ioctl$KVM_NMI(r10, 0xae9a)

7.056660093s ago: executing program 3 (id=996):
r0 = syz_io_uring_setup(0x10d2, &(0x7f0000000500)={0x0, 0x7736, 0x80, 0x0, 0x26d}, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000080)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r3, 0x0, 0x0, 0x0, 0x0, 0x1})
io_uring_enter(r0, 0x47bc, 0x0, 0x0, 0x0, 0x0)

6.590920035s ago: executing program 3 (id=998):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
connect$unix(r0, 0x0, 0x0)
syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x4d40)
syz_open_dev$usbfs(0x0, 0x76, 0x101b01)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000300)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = getpid()
syz_pidfd_open(r3, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r3, 0x2, 0x0)
setsockopt$inet_int(0xffffffffffffffff, 0x0, 0x33, &(0x7f0000000040)=0x80000003, 0x4)
r4 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, 0x0)
socket(0x10, 0x80002, 0x0)
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
r6 = syz_io_uring_setup(0x132a, &(0x7f0000000000)={0x0, 0x5042, 0x40, 0x1, 0x3df}, &(0x7f0000000080), &(0x7f00000000c0))
r7 = io_uring_register$IORING_REGISTER_PERSONALITY(r6, 0x9, 0x0, 0x0)
io_uring_register$IORING_UNREGISTER_PERSONALITY(r6, 0xa, 0x0, 0x0)
io_uring_register$IORING_UNREGISTER_PERSONALITY(r6, 0xa, 0x0, r7)
r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r6, 0x9, 0x0, 0x0)
io_uring_register$IORING_UNREGISTER_PERSONALITY(r6, 0xa, 0x0, r8)
setsockopt$inet_int(r5, 0x0, 0x33, &(0x7f0000000040)=0x80000003, 0x4)
sendmsg$rds(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, 0x40800}, 0x4000008)
getsockopt$EBT_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x80, &(0x7f0000000280)={'nat\x00', 0x0, 0x0, 0x0, [0x3, 0x9, 0x5, 0xffffffffffff902b, 0x19, 0x7]}, 0x0)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, &(0x7f00000001c0)={0x0, @in={{0x2, 0x0, @empty}}, 0x5, 0x12, 0x0, 0x3}, 0x9c)
syz_io_uring_setup(0x466c, 0x0, &(0x7f00000000c0), &(0x7f0000000140))
futex(&(0x7f000000cffc)=0x4, 0x80000000000b, 0x4, 0x0, &(0x7f0000048000), 0x0)
futex(&(0x7f000000cffc), 0xc, 0x1, 0x0, &(0x7f0000048000)=0x1, 0x0)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)

5.492138403s ago: executing program 1 (id=1000):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
rt_sigaction(0x20, 0x0, &(0x7f0000000380)={&(0x7f0000000140)="f20f8e341b341bf82b710026f3440faedac4e27d1d318f491891c6c4617167302e3e660fe6a30e000000f04383720406426e420f01da", 0x0, 0x0}, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x2000, 0x1000, &(0x7f0000003000/0x1000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x10}, 0x800)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r0, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, 0x0}], 0x1, 0x42, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, 0x0}], 0x1, 0x11, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
r3 = socket$inet_mptcp(0x2, 0x1, 0x106)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$SO_TIMESTAMP(r3, 0x1, 0x3f, 0x0, 0x0)

4.670721552s ago: executing program 1 (id=1001):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
r1 = syz_io_uring_setup(0x88f, &(0x7f0000000140)={0x0, 0x3cfa, 0x0, 0x3, 0x113}, &(0x7f0000000200)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3})
io_uring_enter(r1, 0x47f6, 0x0, 0x2, 0x0, 0x0)
r4 = socket$inet6_sctp(0xa, 0x5, 0x84)
bind$inet6(r4, &(0x7f00000002c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
listen(r4, 0x4)
sendmmsg$inet6(r0, &(0x7f0000003c40)=[{{&(0x7f0000000080)={0xa, 0x4e23, 0x0, @loopback={0xa00}}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000140)='j', 0x1}], 0x1}}], 0x1, 0x0)

4.051254381s ago: executing program 0 (id=1002):
syz_usb_connect(0x0, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
io_submit(0x0, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f0000000100)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$KDSKBLED(0xffffffffffffffff, 0x4b65, 0x0)
r0 = socket$inet6(0xa, 0x1, 0x84)
bind$inet6(r0, &(0x7f0000ed3fe4)={0xa, 0x4e20, 0x0, @loopback}, 0x1c)
shutdown(r0, 0x0)
setsockopt$sock_linger(r0, 0x1, 0xd, &(0x7f0000000040)={0x1, 0xffffffff}, 0x8)
sendto$inet6(r0, &(0x7f0000000100)="bc", 0x1, 0x4, &(0x7f00000000c0)={0xa, 0x4e20, 0x8, @loopback, 0x1}, 0x1c)
close(r0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r3, 0x84, 0x1f, &(0x7f0000000200)={0x0, @in6={{0xa, 0x4e21, 0xffff, @private0, 0x8}}, 0xfff7, 0x9}, &(0x7f00000002c0)=0x90)
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x218, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42, 0x185)
r5 = inotify_init()
inotify_add_watch(r5, &(0x7f00000000c0)='.\x00', 0x5000009)
fallocate(r4, 0x0, 0x1000000, 0x3)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x27ffff7, 0x4012011, r4, 0x0)

3.902047592s ago: executing program 3 (id=1003):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
sched_setattr(0x0, 0x0, 0x0)
listxattr(0x0, &(0x7f0000000540)=""/212, 0xd4)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20042, 0x0)
r2 = bpf$TOKEN_CREATE(0x24, &(0x7f0000000140), 0x8)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000040)={&(0x7f0000000940)=ANY=[@ANYBLOB="9feb01001800000000000000ac000000ac000000090000000600000000000008000000000400000004000006040000000f0000000700000004000000b50b000009000000040000000a000000000000000500000004000005090000000f00000003000000120a00000c00000002000000010000000c0000000300000001000000080000000400000000000000030000000000000200000000000000000100000d0000000001000000020000000f000000000000100c0000000b0000000000000c04000000005f2e306100616100dd0adf93df3ff8667352b3be363bba82a3f9dbdd999e542007535a769594a0247235e825604abf46a34ee5186c8bfc49f19d6b48ae8329104bfd8f91a2dd7ff2844e2c3876c564d4d9a3b1b0c5b0e6cf"], &(0x7f0000000840)=""/228, 0xcd, 0xe4, 0x1, 0x7f, 0x10000, @value=r2}, 0x28)
ioctl$KVM_IOEVENTFD(0xffffffffffffffff, 0x4040ae79, &(0x7f0000000240)={0x1, 0xffff0fff, 0x1, 0xffffffffffffffff, 0x1})
ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(0xffffffffffffffff, 0x80045530, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x40}, 0x0)
sendmsg$NFT_BATCH(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000680)=ANY=[@ANYBLOB="14000000100001000000000000b890c1a000000a80000000160a01030000000000000000020000000900020073797a30000000000900010073797a30000000005400038008000240000000000800014000000000400003801400010076657468315f746f5f6272696467650014000100776732000000000000000000000000001400010076657468305f746f5f7465616d00"], 0xa8}}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000240)=@newlink={0x48, 0x10, 0xffffffffffffffff, 0x70bd27, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, 0x50a32, 0x23}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x18, 0x2, 0x0, 0x1, [@IFLA_BR_GROUP_FWD_MASK={0x6}, @IFLA_BR_GROUP_ADDR={0xa, 0x14, @random="15714bc789a3"}]}}}]}, 0x48}, 0x1, 0x0, 0x0, 0x1}, 0x4008000)
r4 = mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x1000002, 0x13, 0xffffffffffffffff, 0x0)
r5 = userfaultfd(0x80801)
ioctl$UFFDIO_API(r5, 0xc018aa3f, &(0x7f00000000c0))
ioctl$UFFDIO_REGISTER(r5, 0xc020aa00, &(0x7f0000000240)={{&(0x7f0000ffa000/0x3000)=nil, 0x3000}, 0x1})
syz_memcpy_off$KVM_EXIT_HYPERCALL(r4, 0x20, &(0x7f0000000000)="0900bf65653f47f4020000008bd458d1e7cbdaf300000f34e7e4165f081ae36850f6d15c3e681411f7a496c0da04003c242f5bedaf6bec340dee49474362b24cb800edc500", 0x0, 0x48)
statx(0xffffffffffffffff, &(0x7f00000001c0)='./file0\x00', 0x100, 0x94, 0x0)
syz_memcpy_off$KVM_EXIT_MMIO(r4, 0x20, &(0x7f0000000080)="3c9c7f3ca6ed7fadd9c2da32b98ae7d4f05cbccca68099fc", 0x0, 0x18)
ioctl$UFFDIO_WAKE(r5, 0x8010aa02, &(0x7f0000000280)={&(0x7f0000fff000/0x1000)=nil, 0x1000})

3.732354995s ago: executing program 4 (id=1004):
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
socket(0x200000100000011, 0x5, 0x4)
syz_open_dev$evdev(0x0, 0x2, 0x903d01)
syz_open_dev$evdev(&(0x7f0000000000), 0x2, 0x0)
socket(0x10, 0x803, 0x0)
write(0xffffffffffffffff, &(0x7f0000000080), 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r2, 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x8, 0x1000, 0x0, 0xb4b, 0x9, 0x9, 0x1, 0x400002}, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000340)={'batadv0\x00', <r3=>0x0})
r4 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000000a00)=@generic={&(0x7f0000000780)='./file0\x00', 0x0, 0x8}, 0x18)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000ac0)={0x18, 0x15, &(0x7f0000000540)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0xa}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r0}}, @exit], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000040)='syzkaller\x00', 0x789, 0xf4, &(0x7f0000000880)=""/244, 0x41100, 0xb, '\x00', r3, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000006c0)={0x9, 0x2}, 0x8, 0x10, &(0x7f0000000700)={0x1, 0x5, 0x401, 0x1}, 0x10, 0x0, 0x0, 0x4, &(0x7f0000000a40)=[r4, r0], &(0x7f0000000a80)=[{0x1, 0x1, 0x1, 0xa}, {0x3, 0x5, 0x2, 0x2}, {0x5, 0x5, 0x2, 0x1}, {0x0, 0x5, 0xe, 0xb}], 0x10, 0x61}, 0x94)
r5 = syz_open_dev$vbi(&(0x7f0000000000), 0x0, 0x2)
ioctl$VIDIOC_S_INPUT(r5, 0xc0045627, 0x0)
vmsplice(r1, &(0x7f00000020c0)=[{&(0x7f0000000b80)="c7216684199dbd8b53ab5289f00128795b46b01ca4c53ea21898c1e441f98b099fba96a951c7b9921451e8b969ce1294d345119d759e5fa6873424227cd2c010b549a28b5ee0c60121cc77fc5d43df78167638c766aedcea56cd0474172d50fc5beb705495e6e83cfe8e0e8da3aa873dae78488566f88058cb9e09d07139ebcfeb2204c374b574a18c994f901276f2776a2a17cdca280b67c44e05f3346c1e41aed5707840fa8f9b3ef79f2b850ff30b06ec63542bd9606638d94d3d707fcadd2bb572472d634d950afbc84c676696c8f9c90be00c9a138356eb3761f53b9db2f1b52177d8e40ba0aeefa1a914", 0xed}, {&(0x7f0000000c80)="e5684f29b975d0793213ef6b6ec982cbd56493ed412f5f48df05025cca67a6474585251dd27d403ec7e5d51a683d801810230b3a72e4c86c2da356923df6a11d91a8f705443849115bd3dac58d39a4f9489d83a9025779fe0a2a0ebd17591aa42277e0cf07538f7b3c2fd790dbfd4352d214f5d03b412db61e60a1e3b719c060cec0ef4cb12f633558d0d458a5097896b480278d8905d894924f777e059482cb8e84", 0xa2}, {&(0x7f0000000d40)="26ccf3d7e6f94fae7cc49ca47b3f9d1b6a2ab5a67fc565c2c19746a766e783e537c49d671aa3f78d9f7835fb240444822a462c84a2b5a66e8de8a0f6c24185a50db9c698e2602ac2b35deb4f26ebc84844ca48a485553ed4e125822e3c143c11ab24aba5f75b44145c1c93c61c7b6b961538de428e4f5ff1888499ae271edebfb6", 0x81}, {&(0x7f0000000e00)="475e0a311e9d068c48bae52164e966a22ffa3619efb9779d9760d8fc5baf8c77caa73c01c1df90f06be5464b0c05e26d111f90a66107c5a051d6c5d28b19e9445e092b47e2c588fcfa6cc5dee2268fb9c89204779e99", 0x56}, {&(0x7f0000000e80)="967ae3454ee044e2dd42225f1a656940136bc1778740893d27b89e4bdbc51e9d2be9ab5fc8b772f450c6a53815310f5d834928edc04fe257928df5da13dc43a64bf7558082aaf4dd9212bef33217bb7d6ace74c32c75a846a115dd27ad43aa6b3d028211ca8d7326e0595cd3c2fa85b63b1aaf4660e87373a0b52ac81666f3b6f154ab8e97a9798aaaf323d4579fb55536a04762a24523e054", 0x99}, {&(0x7f0000000f40)="7f2a71a644f77c71b790cbbfdfbc65b04f216e4c420d4b636c5431beaef4d3", 0x1f}, {&(0x7f0000001fc0)="69784f21c7976b97e90ba4daef767c6c78aa4b51368b6339dfe62a2fb9aae0b6bf7d20f54edcdaa15b7cc69bb2e280360db2911c450ec5af728d68eba6cf78ad03a5c8fba92106131c87c1a5bda37e5fe710e9a47282d87e60b407126aae795d7c1d4b62061777cbb2e6e95f6e21f4a5e8b689d7748a4d6b6ac7aff50016b012c4641c98e0be54d5e0c7ef08ac7fe878ad74e0238eabf752738cb321646caccd04cc9400ce4e501aab92a7d4d1347115961560420b78bb6225ea57c19d09dc070e862d593722f06452cf435604", 0xcd}], 0x7, 0x2)
r6 = socket(0x2, 0x80805, 0x0)
munmap(&(0x7f0000001000/0x3000)=nil, 0x3000)
sendmmsg$inet(r6, &(0x7f0000000900)=[{{&(0x7f0000000080)={0x2, 0x4, @rand_addr=0xac1414bb}, 0x10, &(0x7f0000000100)=[{&(0x7f00000000c0)='Q', 0x1}], 0x1}, 0x20000000}, {{&(0x7f0000000000)={0x2, 0x4e21, @local}, 0x10, &(0x7f0000000200)=[{&(0x7f0000000ac0)="6cb76def2c36dab0f366cf47ad785ed2fb5e1fa5fb56d566acdc377060c4ba50a58104620df72c3004bfbc77173110e163f7d8ad60c34cdb064852353438fea809e390e392afbf35311690cd8286a6c49668aee29b7537078dba77963d15c085d7343c1012135d361ac15c082b7ac8db87cc10fe3ffc374c8be18fc53437100a11dddb9981072ec036d513870a5bbf62ce9e39f790f61ef997af390b9f5fc8a699e001c59077c459eb40ee80a3ffeb35737da668ef974592faf129325cd9ad0dc5663950a329804c9f5d261f71165b05dac212cc2afc40f980ddef8773f1045e75de4ec606aef87052e9ac784bb0f5a43f9cac5e44ae1a6dd575ce17a4749dc7cd4d7f76a40676e792e5b31a25703b1f35b48a89ed84582ef8f4ac046695f402c25da1fa6bc732a7016edf093b4c31193130b3bc143702e2b1d23743ca797b24495dc4979b81413701c0597dcd5e3bcc9c2050c18cfe03814d358e0f795e990dc44d2c1b9890514bd5ea94a3f3a1e25a8cdc67133e9176d76dc54c31274cff0101d8a42c103bad1b8b57362446f2c2ed8a69daf3d7306ef3fa2015e4ee1ef3392120b82671d73b07f3082ea69ffa0ebc7b53c78862a3e1ece518c1f0abbe4053b4dfafe815c1fe4b0d079446e80d13af972e00644a0188605d7309812e24cd1158677f94a16a5eb0c5d48b60329fc522026efa596ac913540f2a9b0345f279329bfba29a7dfc8894e6a08eeee3dd974c3de9e0602cfd1e3e584b10dd26cd13f7fb432e72ea85fd1d3a872061bc967d7a67a3a7f09f34cc825db5d9ef3ce0ff9873f8eff342eb30fa970007e2f591f07dc9bc5141a9679a2f7c69aa50894353a7830a0f7cf766aff6e81d7c3b88d730946ce3f327716ef6fd270d5bf467aef288db903f740b6ac27b962a3c6462372e63f8da8505f05d17b364dd8c6b5d449accd01b4c6da297669f098bee986b95e389a2d003539ca9dec8c26b9f6bbb5f7fe6f0b764d99bc0dafcad4121ed6a749ac71fc5deeee54d0e8a2d9dccc87df818258d73c8816b78c1be3670fb14dded879caf925e0f8abf63f55ffee02bbffb465f0303338bd12e22fe94fdaa3f033127ecaf41649232c38e83850fd3ebc890ea5db2763a8389ac49bd9b7f6b81f381d3eeb90d0f596e2b7f7dfa2a0e9453c1f5f359b56aae9e97a51f6c092d25a031843e351f5733a25c5905706618ab569359bdca4932f6471f4f2d152f84cfc0c563885b0d93fd015095a8eb9422e3d17ddaf3f20dde5eeea415f76c0617964198c824b98f4d53ab0d4d734dcd6d07dddd5b77c1bd71208632941973bd5b5aca981137ec21dcd86ba518b3d4979b68f704a2a7d7cfeb9be3edf4b4b3560e930d9dba0bc358cba36a129748c1fa73483a69759ba0c4f2ee2a936899e163c213bb3fe5a28e68669fb2da6bbcdf4c55e933d127a8bc68b8d0e6c6c757fe8ea47f26ceb7c1b3ca8b962eb31a081756ed56fe4385dccc5e2a7a53300e9c8a1a55bcf8db3f828cb3db8485110da631a50199a5c1932b5538a2b1c3cddb4451868a413418e3f761530fd477b2ebb449070c73171964203ad7bad4302af13fa6fe55fb88ede096a7aba95ef3665da778250daa9dd4bd5ecb8a807d83fe6dcf2f0cf5de7a4ef742979afd7d93bb2672ad45f6537640313b1ca8838f3fdc08e57455af6398ce5b253312fe1a88206210831e0de59d1e3f9442fb9dd43f1b9c00d151d3234028990f8bcaf65c0ad9ea1bc20e4b7641ff26969b02ccd60d2d8d2d72fe5fd58068cd6d7525c9e24c4246cd776ecf1f57550bb6bddad5093618797547cde5c07e165bc979bfbb5479c58e89c29efa5fdfa5b4a87917a4275609afc849384458ca980ba5a2aa4d10c761bb3b3a57e3d3b41001cdf6", 0x541}], 0x1}}], 0x2, 0x0)

3.561748406s ago: executing program 1 (id=1005):
socket$nl_generic(0x10, 0x3, 0x10) (async)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
r2 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000740), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r2, 0x7a7, &(0x7f0000000080)=0xb0000) (async)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r2, 0x7a0, &(0x7f0000000000)={@my=0x0}) (async)
ioctl$IOCTL_VMCI_NOTIFY_RESOURCE(r2, 0x7a5, &(0x7f0000000180)={{@my=0x0}, 0x0, 0x1, 0x3}) (async)
ioctl$IOCTL_VMCI_CTX_GET_CPT_STATE(r2, 0x7b1, &(0x7f0000000140)={0x0, 0x6, 0x0, 0x4000a277}) (async)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) (async)
openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x41, 0x0)
r3 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f00000005c0)=ANY=[@ANYBLOB="a547e672177a22392dcc16d74966643dcb137d709df6baf512a5631b51ba1310b123337e9e4a861d54697d57aa7b468ad30fe2dac40d58c626cafe978423e50c189636103fe86628be57496b6cd9f6ccde95a023ccd9ece4845504d398b031c79c897ddb604105a58aecda5fba4cf76604df698e1bd6d274d0b32aff971a0164b9e2b2fe22e1a193c1d6866dd6f43d34a8d7f15fd0d3f1dac09ac8d8415bc91fbdc4760b8f05495451b7cd6aa26b23dbab0c769506f9dd176abbef463f5697f313466d360aa1018366567fac52e3c83af6c1eb498d5c0a182092680d200b7d3820b3d6d7b34f91146a81af607a3adadbb6179ea99536854904718a00d69e95292a2506679cd8ce", @ANYRESHEX=r1, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r3, &(0x7f0000006380)={0x2020, 0x0, <r4=>0x0, 0x0, 0x0, <r5=>0x0}, 0x2020)
write$FUSE_INIT(r3, &(0x7f0000000040)={0x50, 0x0, r4, {0x7, 0x1f, 0x3, 0x4002000}}, 0x50) (async)
syz_fuse_handle_req(r3, &(0x7f00000021c0)="d56cea33946c0eae3241d3604bfce89adddb2eb96960338db7572fa254eb7c69dc0cb526989630e26224c258c8d70ccacc5564d67723f4756c0399174c5460c4995942d24092c36dc820e97344798b5bb45423f853bf50e374323abacf0388cd091016b7a3d7843f4d3ae1658bd34d967e3323a64908442788dbc99c1f4248da53fb5be2c8001236b994ca594e3b3c588beaf3cb1c32c072d768b9e665e7d87044fdfc1fd6452593e6793963153f3850bf85042a5c139799ba8f6cb8d877fc436c4f1601270d6e29d60a4c80d6315e46f4219494ce897127d0b76f5d681e90f4e9282468ef7993cd92076aed266c1db8b81b93adc4969c9b89b32b8768c9f39f2d148e933dbb651746a9364f49986ef73b4c29f647b82b83216bb8179fe5346fdacdc5fda4bd48875cd2f1cf57a0c9a91e059446bac310a6d68948675c35a8e442168fd84d78d9800e5b05bdbce3a6eac65bee7279a3628f2a08931d3d52ce490652c20f8ae529eaf24bf421dad976c68b234ee6f6210c9f9aac3a55c6939d6aa3805b95619546264ff3ff82d0dc690e8ead61b6ed528c3c117cd771a3b7feb214ce8d720640d97f14b399b7f46dc4aad83117e8e642ccb117d13f345536fc3801c124cfaf8aa7aafff6c8df3fdd4469c077eccbd8ddacad80d9113dfde26ae67b226185743b2d53667fb3016fe114f87484ab614ddf0887c4b2c85351ab21a0ece6c066a154b38b4d7c1792d2db2cc5f8ceb42078187949d354b7a08d1529f3d10814757179c860db031dad4a3dc13ca01d1013238ed5f7a9674fcc77f0d34e2118fb851c970d86ecf9de1cfdb8d3ab197480e263c3207c3d7ebe17f9547c7c56b08e83de875294d0fd68df1926ecac24350b2c70bd73e14122ed480c564353d34049e67c26036fc35d04022cd35d6ac00756d3b8550bb22ae80a4bd630a00268d07fa249b0bf545dfbf01bea2f12b30738c6e13156244eb24e6d69ba7c3acdbbefe8bbc06b821aebf836ca07a3cc7b6b24686ed8f3b23085c893e72188b797651c5ab5cceb1465414a325f793a3af6d06eed7eb734ad05bc1f6619e8485259f570a482a67273ee01fe15dd938afce026f1111c7a38ed6d1aba34f009ce1e99140fd0db2de74150541fd48dd2ec5b1d15669de2ffe3a198184b6186ccda31aa64c585ff8cb65b67fe1455753895a88b6ab4c6bf1bb8329739178147e6f15801bfa707bd9ec9da662573ce07af684bb7c880a7d63b0a0a7300881408c44e95c679ea32b0eab845d0b333f245e8d6006258678704aa8cccdaf80cc46138d5b7a0804fdfa34c91d61a0d2fa6c62e7d1a675e5743f845ab40ea5df0182d6eb9781905c94751c75a411699a76f48433142c5f109d5dfddcc0b1dc6254efd5ea50d6ffbc7b9ca031e1a0123844b63c48b964645c6d24707582825e219bcd61677ed4fc45ee1f4be91b4c1b856d65a86acf22b8b0d588bc473248ac040326b1490c2fea24bc0c0a721e2ed63e39973cd4d38df1001dba9b9d995c229655dd26f3cd3d64077ec111e2c370717cb4cd068e0d3a52f1027d3df953e1f1ac768a7215a3695722b1b6714ce43801451a9532212b651d073c780d61712aebadd145c1cd95c1dc0dcf51850046ae5771e365f45858a36e48afe563ec0afee3803ff6a35bc25217b53eda39bb813b8d3d728c21a0b80d014003143666c0d1398cc46a01aaaf97117edda217f984010e7c5cf32535a669d4f11f6b70e3a3b823987ef7c9f878415063bf05205e13bcf7acb287bd0bb0fce77529a711f0ed145ea2ecf2194658dff17c5681cf8c7ad8521d235a705292af4878b3f124be2df661026c091d6c07aae1a74c919f7478d1083f70b3a0fe00c2e220ab998b4595268b6f7cabbfc85e59dfb6ab7a794cd3fd70d5cc4d70ca933a4452df5a345cb31f3267de53519ba39c915d492cd4652843f1d30a5fb311e3b5d868347969f013c5e3b4841b22240abcb61a14ff567186766ce8f6ae64877f672835dbff4fcf19c8230d8a402397630effb698a8b0c9a28ae028d7938ffde488fd64113085bce504cd0551e0eb3730c3f781cbecf0c41d2338766d3f6096661c1f1bec3162b8a0c4099fccd9480e821df8782c2e070530befb62bccd8539fe9dc7d8d3f9bded1bb34db3f2d6050885c8f1d57f5e603f629de7491f5fd9fafcceb565abeaec838b10a763a00a4607d4330bdcedc066d8cf9790d806e03c219866bb8f053a6e602645436d1f469df1d5008f5dcd4bdb7ce5b76ec015a8f4693cb2a63ceb2be00bcf221f0ca32db4efaf8f7022622b335fa8dea4afdd86be10be6c4d66e5f57416add4480509cb98cf31cdda84644eeb782eea041d4bc0e005a20bccc3c4a08cefcdb91cc2c61d9231c4e36e96f6edd2133f9b34e7da90ce20d1c60ff223c6a204bb942766a359b923573bbbaf2a827d79e4f649e79a840216ac4ddb3409c94e71ff08d109bc3f0cf6583219de7d7131a956f835ecf5c131a0b1e056a86d800a0204243f3b695029578c064306a31db53f28a8f0c0302486cd05970904e9b5c53100ac1aabb3110a89820e4d8307c3d46084999d0456c53fec61a9242b486eb41a90f3300fdfd0d8a472e8da7a842588721d1df1f5e4cc425efebc75a904ef4cc881346a4bc23eef4d492e3efccebab86ae4213f42671370579ee7f8341396e9515619e100a8fae2c5cba0139a088579ece7a603c8b8bab9998223fe862dff8480aeaa5970c90b894e5f71c2784e4dfd50ed3e9ed91036e8356c09464de13b4a95227203133b2c2c71cd6323492f083bda58ad7721b6666b9cd93f93f0288482813fd8aade02cca81cd35257e023504ac4f86be1c7a810b67c6d7077f5cdbd305b618a05c03d196894bfb1a6ff511e59ac8ce45d16cee95e1de0797a543728caaa43e5ae42a12b6bb7910d18d4e1ea89d264491287eb23a76095a12a39c46a7c85349e2969edaed3c1fa6a2150494f63f4c98c65fcdd650ac7424ac1ae64421294356ac1e4dbf9d4c817f081f4f7751ebf56788d799bac29dc0bfe83ead7ab3e338b8b84df4cad2b549aaac4e6048a6fa8f8f6f1f7e0e51c8b3c872f18c466e590222b03230f46bc8e9a0171bbd2096c7a480d6a6f29bd74b60105bebda42e59cc830c4b31f6c52687b4ec2ba869149ae363d711d099f94ceade1ada193e931ed9aea0a280ed5f25ad5ab3b4083f140ca17b43e5f6aef2c24a28a0262c80a040187e052ea7d54a528b6fcc176ed3afc07fe6a661d050fb4a3a6abfa3dac5f3230540b45af060781cb5499c2894d6a4a2bf908ddd48d6b34207f56c31229e206c88db3552ceb6e82a0fa2bf7f97baf603d37d6a8b1f2b1f5f95b251129ed05351681908b7cf5cf6cc86dd854174cc19713b4d262b021952b6da5f20f57bbacca62f5b7124409aa625bbea59819baebc1bc2dd188feba48c998d0dbed60d44b8a4f0ac28f6c1c8c9998f7406f1a34e4ce902be2420f7ff51a5ab3b1faa86ab2ec1edbea2493cae090abde43ff27d685c993dedb24eb255772cc56fbd104f4f5275f10d54d7cacb8cbf188ae1a4d29ea880068fb2696b3ba6e8a7c15939e1f7c394ab4bd4c4bef2383121cbeb18646a8e013d570cee3eeecd7fbe84a619f8aa2e34f2e1e9b99d0c7d7d179d9df8d2e2f1cd7ba2c7e60166dc14e5e4ed9c41195935e2884b5bd0057ed0155a5d4c6482e8f554e4cd0d0aef7d6487801ab54d54eb41755d833ab83883b40f47595063ad2a0fee5c661f86b8ab04ad0047d988ad86b3c520eb78dc3d750a57e777f5d766349f1a687e090f744206cb5d048346061b414060f6826d8a884e93f73f1f1f4cb8bd6e8d1215d436d390dbda35b555f550e11e6d8008fce1c429bd9bbd04a1fbb9de28663c1be4d8d7e506bc681ada28a69014b972919b5f70cbb770349324c9af0b7ee7ff4cc8bfe807fb9faa0a69498448b22192d578a1e82582b943051beb543ddca8b643ee6c76ee32278aa8bc92b44a8439a24ed5040545349ab05e831d4511a8da03ca539659585b2267a73775f1cb7c2c5548d3508c896f99a8e5cb55160ab1267e320ac2d7c8f8b57079dd14d301636a1374e24541f8d453978998ed256b381bcf638bb372ce1ebefb341656c02f4092a7667ffec5505e4938dcb03d404654430e244f9f7f7d0fb4189a93f7c2bd7a4fcb3ccff79e41a98adcac3e4c19eebebaec15bd8cea1df0e509cdef62ae10c66734d162caf35a6e511baa717f769c2e449892224fa8ae78de9138cf6ea1d939998a8cb68b0e83cf604e03b99634796d3d495e4617f8fdd9764631e7ed6eafa797deb1159259777bf2915d48b63286f6d6528ad4ca5783609263d9a03aad41ec8ef1e2e1e77734d27229f801192be238468854945c20dab4e1baff9dd593361efda1de95e04561d33cd73a45dff5f85b2e85b0747a49345ac8d38add8ef9c14685eb3d3432f3f994e3ddd4e45b16005870485253afc4f08d8a6d8023b722284d11d56c6ff9209a5bacb7ce1708244bd21878b8cd5c13ab453bd589f6196322de9faede39ce6f94c75d008d2d7ced27a2375cc62c3d5c15c1c4301a01299d8f4c41e5a44e4130e9555a356d6b19728c7d3c86cb9a1ddf906ab63a9447f8233bcd09bd74cf9749f085f0c4689ef40dbc41a7a299f0f891d9d0d3e39409d4d774da53bfb6e8ce668ce50885558e909add2cb9bda2f7e9232541b1a7f742a99740f486ef4f7c98e4052f2da705c56a18d5a8289ae6cbb9dc7de13a8cf420b7a930abaae813b40517d84ae984dfc94cd1021e0e4a7a9e7de841018d474083ca28a829ee03fe625cafcbedadcdef6621ccd679fcd9c9a9ab2136211f8c9a679895aa39facf2d6668e5098b3dd8e0ad78d8caf250dc38f2c9518bccb353ef3418d3906827514c1959d58344ee11a0ef1c1424495cc1a9910187685a47d6dd91f07e5081c5ac3f1b6e363069694dd9072684c5ab0ba56157c10f5fa8409e5bc43b38b31f24a306ca5f7e3de9a392eac1984e877ecb3dfd044f1449b4ae9b586051b1780c0ce462919f4a4b54ad8011d013c3962fc6697d33c2dc6771fec664c82cb16144619b207deb4391866d6c1976b945c5959d19018f15376ce3b05666747743527f22b54171da4dabee2f4e469a5521067de4f92e2bad02e15e812b6cbd27ec88a9eccf600ce7f5643392da9ff6b6412f8e7c68d8c8b9e0006e41777e2a1363a9556befbbb110dff3a84b179da3838acde0b25f53798733a9fb463d76b630aef7c8a43f6219482b34b893fd99cf3a013ecefde7c5c6528e304c1868ff3fd8dd5aba348a05dc950b1c4c281cbb28b800d6d0da180fdee06ec3bad6f97180295ed1d77078156a885b5b0c501ea563e8871adb97dd6052de0ab369bf2d98f434bb2d172d9967bb73d3eba6b52bb8d55d8963bf58d310afedb51c0f94c7814b6da30fd8056ab7be74ac31b1b75c217e3ab93eadcb2d253e5d8bbe47c0f1a411a9e502cf4301d898d905cd5db828e56a722394fa11cca64a03a42e7fc1b3481b71ca0b6a3d9bd1fc8229f7f9d3e6aa0d48051942579fb759201d4715db9a2d399e0745a66dbbd571accf1f2e15573ce832e91bd1f042ab758d9ec13e354f38454cc42668c8d60358916f7e937015f6c38732bcf6131ecde001892cb20fe47153e7e23b1cd2fc4a22662e7bde09f7df10fcbf475783fe23a0fdcb2c3bd8b28453ce523ac19ff77e68c3e9fa0193b796ea68f44132b3a96adebc04181e503f52be4778ef422ce3e6ca38514fa18b500ca518590479e8c73a7942dc2e237d82cda953ae1b296b97ee8ed62e2e755d6ddea7c0334e1b8d76c278bdc454724003106cb6fdc85340d1e784ac8b6551eaabc33c502163ce0d401627bd22ba6be90089372bfa3f91ee745e45844ef8dc0fe3936bef07f9c1d3aadfa4c8e99be6b038bed6beb9597add881da2acc1a3a471f500d68f639cd2bf6f4afab919a2cf747bcbb42b95684e8741b485c3297cf07c7bd98d6653421b61f701a06b82be0fbeecd32eb00feca9c5732bb5e565bccf8c9feb27a50760a785bbb50402768cbd458811e284a604b3374faf3480e1736743665617de9c32fd10e37105ac6dd5303f1a6dc78950bce56215c2a2f9e0ccbc0bf9fe8ccf7647ed29e2aa4948689d681a7a9fe582631338f3eea3df846f28564038ab75aa2a8ee5416b66ceeda9d8f56ecefe07f6a21ace83a2e15ad408d0a480f56708e3d1c96020b124c58f6ff5247f73aff7f77d389167650b8a0b98c97f87a1e5d6c08fa99874ff144bfa905e9da3812f010eeee00f3c9b594450faab5342e1b6e98fed5714a802b67b3e5b1964a62606aacb8222efd4980823f076675ae859e64de7b08f7a0b3d8bc829e1a93eb3b4975b4761cd7fa743e393da537c91f658ea2b23c94244498cdc4bc32c8b9859b9d9792eeabdce635b2d61c311949204826054dba0880505e2b53cc3521fa8b68bbba2ec05050bd3244c02752af1555625ddf50a3656c0043005c43c26a2dc907d5dd67efa831ad974151067b436a75fe99b8c94c9ca9737279fa1aaa09b0108c48c79c7e4ec1eeccfd43aa8e7ab6cacf5a956fc47d4ce77fe719d6eec1730d3e3b3be71d313f644177b6d16df0180848c28b850fbf71168a1ee4e5639bc46f2555b3984dbb91520538dfa6a1905abfb7238ff344d0a7d760f040718a57cfb56634e7de7584097f69f87630693bcf410796266cc3f50302feacfb556bad2506b7191023817527dfe5973101712bda922472076633133a11a76e8bc7d763a2cdaa53fa8d47d442fcc572f791d66d10d8d6a9058ecbbcd6d3dbe45d67b75e1091dd0368bea33ef0f56ba68885630429c24800922062e1066f2d4c4b795332ab03239548df4e6e01c432fe5eb29e8e63f6c7ba4f2edefa208c69e781786e4717c2f71dc2032a98cf1e6d66c10831e17ee776edc6b060ae20d025dc570a88e17da771acd32b7b93d46e43a917b8e2ba8232ad2707324b9b04dd8ee50c3c5a4372c0b1461ab2b7424faf00c7162bd8e8ffc7fadcb055403b0fa7087226ba4330e746af97a3f915f0b9e105759e81fe94a0df0cd6c324fb0b871491b5516c2fbc82c77b07159e3f4c0b7952b74cb4e203a69f241485191e1afc76d12a56db065b0513a41582f655340603c73cb39b728c97d1e919ecf963b91ec2282d25dc426db873394055beb0f9ba20545e2465ce2d0d962f42e1e4c79bdea4cd2829269ff7ef650bbeb5083d39dc7aad668af0b01c521192c548857473b29991f7bb917b5814fe945f4c3ed9bbe0563f4004b391b76860e9fd6b7c0baae82e4ac033f62a2c6ce6a2311b8700b06b5215e604a9b99d37e00450fc7790e893176e9fecda220f838a078a8ef7da7d499b1fe0eb8780c4b9705a6a10674e61b5c228fae1c13488f98c10c1792fa40229dba44b1cb534f9fab6a14407687761d738c91f4b8d4371a1de1a47bde0563a6fc88c4886be5d48c4cb89078c255eb1639598379daf50a672cbf4d8add2d4af6c02aeb1d0f86b611abd363409c7c7fc0b66f307ad3df24241fe06d0f7617d6c3987bb9e5d8f1712aebf095fad19b3b4fcb9cc4fb39012f333c4b040666259ee7bc43cff299a527a8914d71324e91c774b84e9392e615453e9fc648c539059b66f780c888892fe8b30eba799ed18fab08ebc3b9da8bc12a249456351bc0ebafc9f54d5d24697fb53eeb5e734527d690620989f605f57dc65a15a754d304be592acc616cd528b6986064b4457b96cf1fb0ab383a0585acf9887b18e1d6d3aff1e7f2328ea0313a2b36f6f79d671d9ddc4d34fb8fb55a596b2a16c63757083fb4bd01be2e1d82e47c5a44e052279097c5a18feae9884e102cf087611a3b94467ad61635dae6275974f6e6ca7a42ded0ee4577574d56b142853a8c955d92d1eb780de11dc9289acd193214ed4c9f5f26d0481cb3c0c0b8d4c9ad929c61ffeed66bf2e4f7018049593b99358d93559847d55654cee93da30f6578d2e295909791d227a12c09cd4a0edec25d3155086b64a787997a53265cbffb7fe6a2bfd589e12b4d0e21a600276e920397888443584aa99a06d7cfef8e68eeab8fa739c3d8fb74581ceff295110742e763320bed3a4be982b3ebed15ecde37e849aaa91959327d25149f38854ea1137f870aff99979e5e74cc9e45be12e3f0f9912a0955e718a4917e835bca50f43ce92a6bc60ed006b8f623fbacebbfb3dcb4fabd9941a5487c6f637de9a2005a6bc4062e1210a08a51d6f8a5e3f6f97fe90dc7e2e21d4d2f038c0fbc1918aa00e230a4a0e5c41a4808fb9a731271fcc1e73713c9592aa4b2ddccd0d13c3cb68d51166623153445c9ec955c6870dc8543c0684883186082e34ea5714febf8b46921015c3623220d17529896e1a6edac6e32fea2ba30db203238300353602c17dddad7608cad8170b520f6d9d32cdf0156a1de4e9b9eea78f73255ddc6da6994a6018ff900d9886590602ca6a072d8aa5645e2adac0744e2d5b2e1038c746635d5814692c3498aa9043b68f8ce79c44678c5a7d5bc26c085475853b229b2af3dc822ec58047f313c778aae2b64995148174e42908f3ecacd3921855790c0c5a25814416930293010b4f917979d837f4ef9d2d6dce804f5c0926244097746252124a6e0055559ffab197c38778f717362152af8f6dbf7ee03df050ab9b8909556691c2c2775f0f9c26a545db7ba698a4ce37de877705ea97ac0a002db274ea8360a4aa732c2d5e7417138c60cbea69d3b4993ada6a9d8f51d851543a6500a31bac5a057dbef498001f08a44e3c4141900e18b6d73c28c8c67dca805edeb5376384cefe75be1f127225e4d9724b7047d68fa2ed4629e91711a37c80158a07dbce78918931402b472a98a5d5c6b66a2d116314577e94298c37bc441499a9ecea132d87c5d305a0f8f0b3ed16f3b820941082c73b28391d8482ca0cfa78e1e09aa588b0eb1849c6c7916a6bbe56134a6bd93ea306dec125982628dea1db6d022d210627959e1dc819c841f173ed25f356909222e481a1ebb31185fbaeacbd359d2779efe4554ccdac7f4bcc528f656a45049331e16e9c0c796423ec9c7cba15c69d4a8a7741699910f33cc9798a8bf1e48182f08029a14d0131654fd388225d7509e1d7a484e9c7df34d1680bfc6b8d1f6f3920cc4113509fe42dfbd6b261000da9651f7e18088f6c2564472046e5eb7e8c9f8b5286a7452741a7103ced710bfb8e699fb8b1a85c0ae887cc06ef2ff9e2a2b1a77bb4d44ddd4a4e1ba60afcb92baaef108b60486d409889cbb2b1cc77ddff7e4b6caf8cf3488764d84bf3605eb9df709ac6cb36d1a3de89cdd6657f0e6b4009e6dac5d9be14f4ed997cf61e5aaec932520c321359cf286adf6e2dc3094794ae61a4f16089d06e3dc62c958950e73213c1e865c894fe7b8a30de65f5534a1e9c5d19ed49397980126322cb9c72c46a86d7487571300d85b3b5661555f20ab63a78f846c1b8f51a19610a11ffee44f7ccf0f1d67f4148b2c828d74c7f3993965c9067114467a71d242113a68574e28601fce343a023ecc68a72d75259f9a5dce144a7f61ef327192f6474d2bbd06fde3049fe7fb306ba3f54337008d7dbdeaf28a37a224e38ade23adb076cefd3148efcb62539a96d4dfc53f369e34c3d493ac3a5e8c8881133be630a2a906703da62ce7cc02ace9f666d6c3d4b9763a83548825ee1efb54ee3475b09e2616c5bdde3d193181bf020e8ac9ac25f32604b6c11de8ad1a15b9f908c6d7e79181aad1d741b7434aa92597a835c53b9e4b61d6069fa4ee921824d17c98784a8c04590f8d2cf877662b410cae4ebd1ba3616074c020d8cb6099a095735635490d318821310ddd016150edb80370b8d4e2f05557fd619b17192c13353cdae76d495821c610c8641e5b3dff1e7f2ea77b17810ca7975b8e36b7f501a8710b326ef92672096ef66598510902fe663e2a9ef00c3a052f1cfb1739fccb4371f8f28bb92654de5bf87cc2863e92e6d7e4b45d773f90f434eafc8f8398a48527af829a6cae359e7af5941bef158f53798058351107ce58f79ed21036770f6e10e7da92bbca25f369ee83a0f894bbf366a1361f8125b4ffd8e8b4d47ec68cd6b37c840cc5beb8cf65b2269ea1a0e9c371a571f30458ff8ad9bbf8723c19ddae1de5ca7461a436ffcd103c01a20f3252ba0965ee928cfb0d002b9aa4d4f20c805b77e67c8d991c4d07e5419bec9626a32c115d28253dd5f16c17182c1779edf49bdfe3823d87fec88929801163a27bfaeddfd8cdccae8cc3bfd6a9f2e2fec5971fa560c434debd434ff4d0058dcb05d9f3ac5193c458472d6d1685f9f46c8864900c5edbaeeee08971ee1c087f2e11467ff4766743bccf9e3414feedd6dcb904b92a05eec5de8db95444b920c995c770edcedcf7bffc48836c8f30037dde47f0e66fd79550de0ebc3c0c3eba0b66e2a353542eeb20397800e5f41635c5ec2f9a271461bcee8e570ddf945b186f15ab5cabe2a3123189935c6b9010b31732c425a9b2582b097486a5a7b1880b2f16104484e1ca83fa9c278b87e30e4b0cf6ed66c87a979c05683ac94a295d1c53e6f0975a079dd9a2825fdd6ae0926ba1a69f3f69f408eea9d00fbd43235a52c53d11963a611b81dd9f5e05582e1822398873e883662a64c225be19e0b85e102e23fb73d5dcb11435a5437d7418b0409f2e60793038f55ed54c79882b3a17e74ae2148bd558d131dbf446edeb0d05353492534e216761cfcf6582d066a8235a2bd5eb383350a52d7fc2761514e27b6125cb3e387c103dd62e31f5b789c217811c80ccbe3f10fec7a19ad32dc9271368b6d6ba549c45dfd8018507c40962b6ac6468c3078edb71d8ec7f728be8cc23dea1139ac30c2e8d0fc077280e420fbbffc896863db5f1e76922d7dd8e4479c1be822e74212c6f74765e108f916a1b83f6efc8ea54080e9a28b1ba5813a1fefddbe2d0cda413ee1463985b51b59f818f440c9b6a10e4ebf71d37995ae9694ba5867ca2eb2f7bf4e58d26149f2b25943fba216beb3de1f954bcf1bd32ce358b5d23023ab456ebbc493ead41e25b62b5b4ace6c5c18c9a8d512a9cbb4dd59f33663f6138d6b06bc8eb1ec9caccc0077b2e68e7a09d412dfa352e7e5c3942b710ab1648e16d0adda424d9fc2d15c619f4e8093c2b9521e4cdb3f22e655f52ce0fcc1bfd94e56cba8decadb68214451be53f9286c82d2a4912bd2394d1133be908409d791d6d8c2194ca37a76a38d6d0a1fced6478848891d9264cfc08fa849d720339ce00977cad8d9738372184098a7333dd1564d1d7754b4aa4afd6217585804159d31f53017869cb78b718c837b7fd176ce19e3d6996b6f055ed3ba7cd55b0349676c0c113c33d070081ce4ef29af156c4ac8ce760013688d0295d90271e23ef3ca10ec2b3b889855a153c867ce79297a10a02d21e5e8995fbc10d2f4d4bf521565376053b80937bfafaac688108f9962b7c72cf0111874ac8ae27d024ee2f9d57f15b9910a7486ef7542c6629fb0520c93a445542d", 0x2000, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000580)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r6 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x68801, 0x18)
pwritev2(r6, &(0x7f0000000380)=[{&(0x7f00000000c0)="d436", 0x2}], 0x1, 0x8, 0x3ff, 0x15)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0)
syz_fuse_handle_req(r3, &(0x7f000000a3c0)="0a44566bd8cd7422e078875d6a98d0a2dcc0a0c7881e44e46c6bf84253a3ba4cba8183c2236313cd49babfb721c547a5caed646bac2f2ea43e134e2a05d84cd813c9e2a96e68352f95c458f6ba48078f1d10fce44d869b4a00c68ca338ff3b877cb434f502cedfe83cbfb33d5233d081ec8ee2ac10e08194f6257183be922fc7203071a2aaf87478d1420237a1516e749623929f0d60f15e536376ba41fbbce034588b60680572f0d1d76ed122dc46252cc143f0e665e3f4e3f56bc454957265bd9a029cf8c7397ca01f95bc0e6601673bb31804c34307725385260df48c32527d74e51e5f26728aaedf9f379f5960f5e6e7146eff3254aaf54eb42834e1f57595a2b0333f5ca1474e07c2447c33dbe8f62f24cd788ac18475493edb813450e917837b125ad6f850e6af93e16828a6741c6ac00a4e25cfcd498f1b857e74a4eb8dce5ffcb3999031f1da13e9e6a973134ec04795a3fe91388fb6b349e668f49bd4c4ffa71a8662916219b4a2075bbfe4892cd1080f662005c1c2030d35999c9637f4836ae5745acae8ff0d745184e58241510d780f8a9aeeccb17b9213527a1b747dd23df6b4ac2ca4bd07fb7de6bb4bf8811e5c2f99f4bbcb3cba79fc483182bb981815a1b1ba5afad464631e6eb940a5da4e73787e9e0103bc7ea59cc8d63f740131a14c3cd034e91e885bd730521ba80c1071f25e0073a44bf8e36cc23a5f433378a13d2e2be7fbb8ca204976651924ae8637b339e883f4d388e239424031e20616341a5d51cd5d574382d518e4824dcdadba86143b4de3ff8126f0be226d1e6526a2af981d11092c428bc699ea208d4d38d63ef525b8da551207397fdb7d57a52c2062182072b017141de1b70bd15c758c88c65f6acffd5b5b0846c2a779660ceef46b22336abf817a24d27c3f66839b5f2f99131898dd372a124d9e5df84b24fa7be045b92fb225a735da1be1972c706120c391ffadf231603ffbb86d38ff2c76202a0f81317a7f790dadcdca1d109e4428f52246b17f6b5822f64d36da71167df86cedf76f4405f320f70a3d6d6307a13e023d9a23985fd9c95793118674346d7977654ed14a121c1bc0b3e8672087245e0721230edc667c1fb6bcdb22b3264b7fffedb589a2899096493ba97ce5fb0ad97821d0a4528465380e086b61f632eb0ce1f89eea2d8336217f51b4085433d426d404431360be55776cbb0f80c33e807732df3d73bf9d9a8e3b1468d2ac7c73a4aa239c96bbeef3965132a02254d887e65fbeaf517e913cc331ed36c3e326163d1a3aef7df9db06f8997668cc35e39813c82a440a73f12011bcc0b2abb993b99e79727d49e6656e8d9ecfb7b65c2c187ca6262361c6a7d3679aba9df764d13485874b1443f47d8caea64963011294082a9d50ed2fb08cdfaaa7dbcf782b7e8f8d8206dbc421bf9807727126b1ea364498f3ae693fe19f5b56af13df090892919c136c201a0d058c1863f136a3ff389cc510c17b1de341ca9a8d6ffd80fd019ac3fd9eeeb845202f2c5f207b1e7e169d57164855b9c3dbdf3c696124136d07a4de6be16b43352567a3e3bab0f73ccdd41255ffeb3ecb2bdf9eedd1d4332f4a7534b01b6331474880d4d07b464bd8c3b18d02fbf1faeeff70c8ae35b4eef002930dfa9a0c9350ffb72c82535a55280ac9c6d5384cf9aa3c66cc918497f51a6dbad608eee21f6085f85990983d0a51e5b41cb69ae52d60fa835045aaa0132be8b4dfdb10f521bc22b0192a4133040453c5a0a8bbb5d4c46ea25f2be5b0e79d71c4a13db6e9cb66db9f2c4804d41b9c26f96fd23c358ee9c8f57322540953224b56072af25b5c7041de560f1d4bde367eb3bbac949d9a9a86123ae62d0f4741446192e85772fb893b64c0e7c44a6e967af906b0f50e32be384027379c8dde251f549f94b16cee199da537d07ae89848da801b43bab3b65651402756cb22d17e602cdc33790ec8a5484a955bc8f487597ac9752166a405bbd7dfc9107af72b46e39d29afd2a0447e53377fd11997ab21db0f740699843a168720377e365caf88fd319dca184cadb8ffb4d288a0045b349be5ecb64561a2bdfa13336ef96aea86c48a5e405330a01c5390d482e6ccf4ebb2cf149d8b6274b2f9e6e1066004172a1a90e0db9838afafcb663bd693b2e5ca35858dcb82c05cbc87ec5cedfbb08daf55c472e250861bf357569342d90a667f3ac7fc2d4e54220444a97810ac14b0af6b043a07c1d791182635b983492f21db4a6ffee2d686238869e50b9bb73d75ec26087c0c8cb92ff25740b3995e4d771469b8474efef04d8d75f3544aaf84f02ad977948764d4c1bce36aa4198d6f22091b263d9eae96f1096fe3d8045949f189f33ec713101fea26ea043fe98b987542e33ab372058c64205e90a0e1f52d04b2c5ba7a5572ddb95f7d2b04f22e2e987c5d0f879db65718d8979da2a45cd333a5aacf96081977a9eb3dcee4afb44443ad37528c5a314d1ea08d1c3f0a36d4bdf77fc0caaeaa1eb2746a26683561b62d22f4e166192892e2ec1597f8bf6e89cd53840c8d7baea220e1b5e17df52a05017363727b0cc77ee61577a79b3de2ed364f3419a30d23701044b45ed3ba44b01804750bacf5bc959cffba86619f3331cc939fecadb5cba1edfe28952e0f70d2d99ce696dab9411aa2f7e7ca6207a3b16fc36a70e339aa5a618f6bcb0272968eba6edd95242825fe6e47cf1d50d229d4b1676aad0e9410aa1f2d6d2fcb9c4ec8e06c83faefbc2143de2367123bdb7669bd959782cf64def3a601c596611ac98d76df33e1fe340829340ba0a582d014ffacf9a9394300ab7efd60222cf96a99e42dae6e1ff1fcad1e3280ca07de5ea7e08b264a60015ffb76cc72d70ded58a1e2f59906f3c76433e4353a94a2a49f91103e2b5491ac7f66d54ae2a0e82099c4c9bd683971c2d3dd51601bf5e94f7660158bc6fdc1b2ce3d689a3aa64c29810ad7d9e91e49b72e6f97230a2a966434bf5cdb339556e6452e6b446766f55df45219fc02192cb73076285e74eb848229bffd812f6058782b3f5d0efa4d7b0d3c120931aa8b679e318ecc5ea539e3dcaf87473e2573189ce500b616957d88a09a014baffbd66990e41a3432891279cb82d9c4b50675ff067b76503535631aab9a29ee7e274eded1cd542c801bf519e1119fbab84f57c7686209c9e5177545bf0f403609c81fe6d8f2979d886c43fa3053b38b6e21ec3632011c97451d8409f169f71d226e61fdd206ec5f962b0277eee286a694ba5381493941ed44b3659994d3cd2a8c9c3bdb2f63d77eaee180428d7d6df86f6738cf7adb4b863c9e0eda9904bba4c2c3188a1ce31c5b082857e5566055c8cf58a9e9f7624d220b8d3093cbc6eaed7fcf15fc700ed711575aff5fb5cb7e206c810ea7a766d2960a1356687aad2ec171e4a1db6540a9257385a1e8b9f029485866c32e74c1a19e1113040c9d215f9f4bb4311f0d587b9cb6d11cdf28d4cbcdde4ee7831e5c8608335a1e41883b55b3609b9c4fb8489619481dffc6224e4c98b1e89831187b28b6bcebe7f78c779f5a2896e47bef8e607811b435c517e8e3f19d74752d7ae99cb7caf69c0f977f1b94f8f11bdbf35444fabaac2fc0e568d3b5b3b9f13162b1fa92615bc16492b870fc85c79c51b6516276f8e559e769a8d37a2335d67edbdbe2d4ded10e790004000000000000cb27fa7d0607a5c83840e446ca0d231ae9175ae9cddf35443ef8434a61d54b704d2b46835ca030d4325dd62918c361c27bd6e422f3f8431ff979953c88a5f3d07a84b733b2fffda5dedbc2ba876ea653aaa2a8446019d2cb69c4c7023177af7b5de358c4a93ba969415c7e3bd3e10a17653cc4c0031dc779d47bedc8d0f77b9fb39484e47d1edfa16a4839d7e3c1f4147bf7a5a41395980d0234577d433c4f3663a648865cf5cfc4a713bfde809cae8161f044770d8f3dd65f183392ed73dd0512951dce40dd6f68927144d09a6df1225769a47a2f1dc7da5a0e5651dc0198c2feb7de7aae5675a3753272294cdc8f05b4bf1b478d6e2a18f6a9dfdc42421bae7072786a4122cb3fcc61b2d0bc9314b92be8be3f9b8b109631305e06b52c0bf621d577f014d0572327c49fd705b4578eaa8f198b37c139c4a8008763c654af912552549203733ad09c667104a3c1756dacc50af3d19bd996a99a7f857d9ff8c337c6feb16cb7fe282cbf8c975bdb60a7ddaa056352d9cf752f2b49fd0ae9dd7a263c4e1c1a027c7d45529b5a49de9f2306862b8ef8d386594f9909aabc849c5955241d192ab57d52fd2c7db0e4066bc3f70445599a60016de606b30a92b1bcbcd9dc8cfb492a6e66aa2be612e1d5f7fc61989d51285f1ef8a4e724a46c36bdaa6bed82ec972fe3e929a7a708397432b13e266d9a66954e011a158c9bc031587f9315382dfcc2334100d99b7d50b87096970d294261dd3263bee8f5aac2d86f070d70e278ecca4cf6ff05e511c0a65d6da81b68d94cd635e9dc98c1259fa2060de60d05117090a9a36d7b7aab999cd28a6c0727336312ede8f7fe0118e22aeb4094a64311fa766412d68ee04a93a1b9e2da91afcc91a1fc3c216f0aed6da74baed3242e620482ae01d3055562d16cab58500a5f41145d2275f6da8e24003cae19a7bdb9de8ef57965341253901962d846fcfd687e32fc81e716c42fae279382c8a750c9ef9543c942ca644287ec9cc921f99e9c901810a342e198f3b60a5c75aa91e67c1a6f08008841ddbe0766604b38a211929682303ce61e8024ea4589aa955886adc98f365af515daf30c376eb2b96fd78d46bc3999935a336c89f02ebe822bb5db6a1fd145c4d403b88f17b3fac670b2eb1296b3a5a7055556c21259695c248696162fc179aa1b4ec10e022ea7bacd0255937f9aa89f4d4c58bdedb54b43fde47268552f51b949a9cfbdabf6e3172853e6de9d0b0d9643349595769e98dab85282c49ce8c52301c04710a2c43cf63decaf65243d4756015b681bb680fdd1aba59d63b54e2ebedc68df32e575a95adfb2ffffffff8b23ffb498d03012250f0dfaaed5353025aea7a35c8a89873b5f73adb41cc864b9f86e14624d70c917f05e47bab793958de9957cf23c94a9807b30bd7574edf66250224b887a8c02baa05cc02abd4c008339129b3109f1b04da29a9edf472991a440fcc8e586bef32b8c95fcd3d6702b9f43bf41454d5fe72a1f1ac80604c93dc9e9abf9a824c6d45e65b4f39f8341799dce4eac5e9036450ba7829221fdac7ec394c0a8e9813f5aad3ad0052f5156b3dca979e9c9a8755d4be2502727d346889210a13e5391951afef1880bcbd2a9ea020c9b2946563cd40c40f6202bce9bd1d2a1bbc3e5e6b2a9d2220343fd1ff5cde1b4d27c0601b8890b6ad8d3d80075a23725bddd81c15cd1b63e0123c4ac01de7b62b1e0fe2b72eaf400a1bcc63f76316d471eb191c931d5350e83a110b89e77668cfdc47734b91c2268fbbd89ce15b50b84c423a1f27943c32739e99b046a665c966275dba2dd6449b69ec53e5cb9cde89afe4149589c7378f5f3648d748bf3d46fa53f50d1228714252a328cebe7146d81dbb2f850aad492bc0697e2760dc9c60bc76a010e85110c0076478a21b47e5fbc4f7397a319e1db642e305bb1330674d96eb4b421f0f2131d125d4cec8aef4637dce572bad633e076972c9147a48b4c67135ace6a4490e16fa4731d62864e910762f1eb58afa63031c78c375a90147ceef07cd1e8155a649f2558d67dba9d6d2e012a3af4b603cd094e4a3b2e30c65c80cf8d9b2cb840e9df91e70162b80e74be96467574ca0ac5ad52238163283c556f0865c2338d6dcc73fa330634f6e5ce68e766df2db5b7edce0d98203e1d4374e7eda3558667229ea2daeb74156cf5895c4afb460cb4037456b14d9b748ddf7b8f3d5accd3e0d8d2eca2a78056d945eb4383078cc09a3a77736ce4e91f8174fe03fdceef8df92a50c2797b0cd06c6f1ae95650e48d103fb269c0a004d62237b77257807c8954678476030d788543d84770a1533a72141c7ea919e533bc182a3306782233d1a20153fa3e9e315a856e75f760bb7f943ea2f5956243f75fdb241ddfb4c081219ebb4eb3c3e989e3d953a93d96dafe1142c29434a554a92d319747e618cbd3af5202e51d30761e81b6c2d6febf221e3147b63171ea5dbaab4cba1b0fe7dc9cb249d74bbbcd7ef11c35fade1132ee4b74dc6090cfb6f852fb01d79aa0e5ee6897b7c021c6a1e69995e0546932c56e65b2581d619fc59f9775f3e8573b3c4926b8f6a9041512788d11a6fb279941ce24fea916e6568db25f1fcd3fd1e907fb3c45ddbca37230f5b3ffd48cf9c2269ec068d0bc528aac14807636c9067c5e32f2c2f259f6502ffffdbea40ad1b6b4a1d819fccc5c77da908204781747ecb0f2245dfa2941a9dba5d11ad186ab0eb87173dda634bd5a9221143e244c793d6262c904a64ba36cdced65abdd3be06d534b649b03791f7ce41e9abdea4d2c17f14bfbee0455dfa791f241341c78ce24cb8b86a9e332787d4ac1bdc20d022ae9588e8d63c22925d5e507bf41faddc17e01d3354c597908124705d88131b2e8ce8d04d660ce4100b5288d750d996e069bca1fe21f9b84c97011dd14c95c3cd538bf619b1df241fcf286c7014f8467a7ee81b2bef1c3bc56573894dbb54efb6a2fff0302b26c7589e08993e755059ba8b94fe728f1fdcb8ab10a5133d0434973e6667c25288b6e5e2d75202aec6bc0255177a53ea7c666afa79dca738a9d20990f118075b9f1cfb8ff1e5be75b49635bcbf43cb3bf97719dae8ec5c5528fcf89a9dda8fe6c08f7f737d69ef181ad3e35cf8e46efd94358b4640de1c387e295ae38edd0d5b80287f022895ca4dd9532bece6b2bbe100a83fef98dc5af595f4f7e4747ff5d28ab372db71b7c1c423183fa8ba4d823cc05b7be8819dd669b6517bd753e83f4d407a72dcbfcd0e9b2d5daef7fa88c1618236375a50ad2baa6a5e0551e679dce352181a1f9e72f5fca8c323b945bdd92e2d424b3e75041734d099f778fcb1e6407c8d1b524d52ab110b02c0c9d1d4b78df12fc443fd8dc8fe82d9f3c8da7b87fdfb11e912c97a4e61425ac7b3954cb2e7e46ed0e24cc0c961dd5c2fc619a9e5e3550ca7bc21f2adc1a85c5b9dade357f1ecfd72646b27e7ab59b1b4d63c63082907b3be4cda341c49ade8992af489d11cf285b81a34c5614284ab4bb94018009e2333aa8e4630a9f6792b44b62d9c6e9d1855ffecab30c611cf5dc1e6ec09088b83a4c2cda9e5ee080df0b5e36b9badc035d6991bfd82fbb408faac15ced6ddcc917a9249b767f8844d6458411c1a31ff84e272311ea968ed3ff02f2e0caa47b1a6e030b07984c07d71e740420a9ed47b26799feecbba4f26dcdb61c9422e940550bfafa99ef0f826d2bcb1d7862016abe81d021be29adabe2c399fb9aa2f3ac472012b26ccd4eea2957343b06ac8ad71a637b8fa209ab6d4351fae53a9af0e920c043df94eccd5c1a847cb17d13589021f1a621b457fbe02a16f0f4b9dee0e7eb9358b8afd999d47f5143d49d4aef227f5b06ecef1ed71207e3526ff82b6ec69d3e8788f6c476437fe96f0533394027cf48e3e146aed7943d872bc35de34f7fdba13e5e1c259a68aa8050a813aaa1cb0d7f59d4efcb64b16f5068b43bdfb726e5fa54a1675dcab0697fc47a4fa3dd472022cc0d317d39076ad9847e72e1965b227f3e49ad6e8e742305bdd05d0c88b5859d6cfc98cc47a566269dbc4c200615f3e995511a69d8e724f0c842c06c46b5460dca83137656aae785e8415cfb57d57265af9c1d8f126081bcb218a427b80ccfaa95b8bd3f87f58f09ac52a2a47bbff99b057576d26876fa758c8e41172dd2bd45742a30d55f1b65bafc0c7c9c785f583069caf6de080c9057238e110456c0f9e8d898918b6981011f8dd17c55caced49eed32839305ec37b45e8cc4c35aec0c8a4cac54035a941842e5d19fd298757799c4a501718bf21a024106a292626d4eb3c784119b9f5003c6cdb36e442c04ca5b0ea59efb63fe90f9e218fdd9f0864f407cf8edbe71f3fb1d3a587ccfadbf7a5acbb0713b1ca1991e25e75738ca68e1817d08fdbacfab6900242b91ed9541efd2ca469bf7acc7857185d47506fd0a735d7b542949241976cfb1252f2e490fcdef3166f993ff9a812d0af902001a4f239989c087b41de65f83af93e349a2d37ad3b59c5009465e14030ecdfc8fec2d27939af2311bc5d544b19220b12a5782deb83f0e193f57cc4631d8746e7d0736e1295128f3a48aeacf2952be3005b09de00c9a4565e07692d8355a947d072de4324f2e8f3b2f01483d31999826b4ac7bad4f6ae099225f751995f463e5f762b9671ebb79fdfc51b5080af6fae4837a4e00a76b775eaa6f1fa1479b6afe5d66ac5fd148fdc4750d6ae1e268da446ba08dc4d7c872bd6401f1dd6b226e91bcf77c085e3c115f49d05a29c4e282caa7b8a60a1fe09a2e98227a2cbaa838d6053cb56bc7cc84e6ffa81c18ee26c1b32c2ce205c8fe93d9f4fa8d983b4901c80d766a3299fd62e3339a697305ab7cda995b3cce61e3372f152841ec1d540c9f6cfe2871e7cf4e6997afac85b1c05bed03a5e017bce4b45b0903e9c60cf3538df7df9d8fa93b53856fe93f522f723470c553799c90c56fb705040ba78141f7e5e9117f4876c45884edd5059c8588fc39f9c6268038c4a462a4a5fbbecac0daaf54876ac0217a9ab6f83ec52f15a170005e57baead0e8b1570508e10d2c9808ff3a437436d93ffd02c72c703e2e1917c0c82c3a4b4c03cb91c961451e3f6e2d9d9e58ac1810831d7618f81a34c23cc14029326f16cd043e82ea3bea5c6bcb84152d140659d1a4f135cee82640f96e177c030907117a6c6a8049fd3815fa06249ba4b37c2381c0eca124e7f5abd393c6d175ccf0c5fd4a6e9e00d5338899ed03b5a5023dbe4c6ae1f1ffc192411049e6fa34adeefa3b2e6b45165f341e0b853561ea0d183d93100efe80237ab878312281d607ac8dc10f34e6840a6b6d5c2975348a15761326504c24d5ec648f5714254087bd8c53fe131461ca4cea09ab52848b2526edb91a2bf6c0287aeaac51eb720507d66522ff2f94d90ec584f6088910ee079538e43cf8db55e2f0d70a60eac90eafd82480d11ea5dd795a05a698c2961eedad5f8a79dc3ffa92129f76b8d795e24a1905fc82f11c40d68d11af282621b9a2e39a8dd146013bd3a044f55366af078f7c15adc548029ba4ed896ddb646d74e3af69d8597831e08eb4df1b7ed54b8f3b327753ebf47d50a215c461cd422483c8f2d54f010fa9b76e5afef86b1bb8aa6d4b0c5c9ee798791379ed4dea481feb37ea18b5c7c0146aed32772245cc39628ecc13e03b76c302f80ebcb50279fa2ff74139468a23f36881ee7e7119d8040f90c7e3d8f75d80624d17d881e363b4913eb02e73224c7dac1077d19cc9063f8831053eaa9ecf87ffc31140f6a0a47869e5a5660e5d53b404c34e17b4693df9d5418131c8aaabb0e15aee98594c57cfb2202f209a4529a293b37ef68a2e95fb8fe5142e974f1d3fe3a08ed169379387e96ab5d927771ca7157e9bbd2650992680105dcd6a75829e0643b5ad708e5c65ea4b04b3eeedc24bcac8152cb887f32436a11efab6dc2509fa42d3d31e8aac73e9e8e84a88d7096b9549bc4a879d8f824eb63809a253409294f359b76ac3f031e6bf74a4de018f1c666239bae7bb01c523f53efc922232415d68264872296967dd150af095a12717e7eaeeb98f48c84a70fce8063790f9c2f43db477175e1c8da911ce853042d84e7f24df59e8caca5ee93e2daa6aa18e92930b4495dc22ff6729964942d1baaccd07233dcab828c2254f719132271e9239390e2ebb74ddde7284ebb8955719f7d086cdbe7eef6d7298576fac821eae5a8b6ddf9d88a1dcb32121b6d3ce49c245dd675e8a3b2254a9998ec0d0d7d9570bf6b6db0392c5b060872e154841096351d880f71bc00e5a576b14c26f85840c93a0c424cdbbc57b1d1212e300a874921c1f9c0de14a8cf61f8ebd03eee5cc79f34a50c6dae8547b6634374e0bd073f7c162d4226a26032bc154eba7964b2975a8d35f17560a5312cf124741c74774f9a30f8d5ddc891e78bafdaf4f86d16d4c1363d23708463ab1314e3bade23316c7fbf51d2a2417da5162f9112c4331eab695d457e3712bb5f880c68367dba95b61f6f6a9297e477eaec615dff2cd3222f21d90abd8bd4b12fabb278c9fd44ce1ed024ccf908cb4995a1d9da53f62532203d7079e20a46b2b069be4b13a52a81c3b5227f57d6c184945a1799e80dbc7cd137e3427df352c0c0fba04f3b7fb02aa36c9af4611ebb51333326f8f750d662a0a8b43e30acaaeaf2653431b57e95a77adf8261298f791d200c02bdf4b821f7d09f972dd165ce92109c8dce081bd0bd53f598200bb3c5d875bbf1be2a7dc68355e42c515c20f2d72cef3d680a42e8a705f17c6ce15f47b144e55a3e566cb73ba5ee18c5a1535e5f4b4c1774736ed1654bc024b6c748b48d9cea48a06a571d264fc876f9afb2bb43441b39bb3f9e844f70dabd4d0ea06a46c1361a60ef5914411397600e63ecaa65f6598b4ce6f3a967c93ef0697e268b70d0637709ea3fef1da8afed0d2ffd36503197efcf68e0a2cb10b4104b209c133fdbe11e07a8d5c511045d19b69c63818e55168de4357a99eed1d8410664efdc866451de9bf6794d9742e2182449e2ae3869a01f1ed7ee37ffe817a38c502b8243a1c05f1ccbd349c7b9864cbf45b5a3c6f395e4a6602a02bb80ccac94ab66d67dfd8e5cc6fa6321e930354a2c40a1e8d360752dbdcf00134d34a21b24b9a3b0cc418f3c191461f4c9d8243176f42a8109bb05c37ee715ceb027861cf71268f283035d71ce4bae4ac5f79ee5211475ddfc33f02dcd91276e5ca265e5b9104222fdff5969f434a4412ba9fe00aec27f559b63c25a9e8d53c063db549035ec2c8e91e1a6247045541a7e28ff6c13e9f29a3683e55731d80d714b9d5801cfbf617aeb6651290293ac0f4e246df99e72434772b7d8494485537b7b2063c7bc5e80eb6c7ab6647d01189cc910aae2fe8249a0fc3226caa8994b476c6777bf113d153c43da337a6304fd10582d58919596a6de42ad500b62c1e6550d8cdc059496073a48110b2fccb42c96e3e3640f1a87fe379779adcd8836aa8dc545db39bb3afc032c16977e150e9572c3e5f8e04bc15497ec8217a0e187b1bab000000000000d47a105bdc3c837091daf5fbeb3ee5ce10b132f912b89ea1c6b9ecb8fbee0e4ea4e43b835ae583b67aab430dec741ea03195fed3cc164472d4b571d166ae20e0a309a80ce00b0fb349f7641f41a31993a8bd9ee092aa7ef16c9563e4db6236c9e702710dc95b198f533b1140441a1827aa4bef6a01c689127eb7028d1bb083edc8a08b8d239389d99948f1290623ba908e6e1c606035b70ba7065f8011451151dca715fb920b4d87858f01c5484df0e6365600", 0x2000, &(0x7f0000000a40)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) (async)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
lseek(0xffffffffffffffff, 0xae7d, 0x0)
sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0) (async)
close(0xffffffffffffffff)
syz_open_procfs(r5, &(0x7f00000001c0)='stack\x00') (async)
r7 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$inet_sctp_SCTP_ASSOCINFO(r7, 0x84, 0x1, &(0x7f0000000900)={0x0, 0x0, 0x2, 0x7, 0x1ffd, 0x800002}, 0x14)
sendmsg$nl_xfrm(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000800)=ANY=[@ANYRESHEX=r3, @ANYBLOB="ec8835a14cb513c8f97a70062bef261c3ac78c0161e54126216a42249790c40fabff663c1caefc81771d9d1ac1d7ff0e0a879903608b4027825db083db76de50e8aaa7a085dfa55601c014f2da9dfd95c44fc7833b9767dd7295a96f8ba13b6b", @ANYRESOCT=r1, @ANYRESOCT=r3], 0x48}}, 0x1) (async)
sendmsg$NL80211_CMD_START_AP(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=ANY=[], 0x70}, 0x1, 0x0, 0x0, 0x20004090}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x18, 0x0, 0x0, &(0x7f0000000140)='syzkaller\x00', 0xfffffffd, 0x0, 0x0, 0x40f00, 0x20, '\x00', 0x0, 0x2}, 0x94) (async)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)

3.458200434s ago: executing program 2 (id=1006):
r0 = syz_open_dev$sg(&(0x7f00000060c0), 0x3, 0x48802)
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000000)={0x10000000})
ioctl$IOMMU_IOAS_ALLOC(0xffffffffffffffff, 0x3b81, &(0x7f0000000040)={0xc, 0x0, <r2=>0x0})
ioctl$IOMMU_IOAS_MAP$PAGES(0xffffffffffffffff, 0x3b85, &(0x7f0000000080)={0x28, 0x7, r2, 0x0, &(0x7f0000ffa000/0x3000)=nil, 0x3000, 0xa})

3.199185785s ago: executing program 2 (id=1007):
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000600)={@fallback, 0xffffffffffffffff, 0x24}, 0x20)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socket$packet(0x11, 0x2, 0x300)
r1 = accept$unix(0xffffffffffffffff, &(0x7f0000000100), &(0x7f0000000040)=0x6e)
recvmmsg$unix(r1, &(0x7f0000001640)=[{{&(0x7f00000001c0), 0x6e, &(0x7f0000000300)=[{&(0x7f0000000240)=""/152, 0x98}, {&(0x7f0000000640)=""/94, 0x5e}], 0x2}}, {{0x0, 0x0, &(0x7f0000000500)=[{&(0x7f0000001700)=""/4096, 0x1000}, {&(0x7f0000000440)=""/180, 0xb4}], 0x2, &(0x7f0000000540)=[@cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0xc0}}], 0x4000000000000ba, 0x10000, &(0x7f00000016c0))
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r3, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x68c81, 0x0)
ioctl$DRM_IOCTL_SYNCOBJ_FD_TO_HANDLE_SYNC_FILE(0xffffffffffffffff, 0xc01064c2, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x1)
r7 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)
ioctl$VIDIOC_QUERYCTRL(0xffffffffffffffff, 0xc0445624, 0x0)
r8 = dup(r7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb, 0x13, r8, 0x2000)
bind$inet(r8, 0x0, 0x0)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x1)
ioctl$KVM_PRE_FAULT_MEMORY(r6, 0xc040aed5, &(0x7f00000000c0)={0xf000, 0x118000})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
setsockopt$inet_sctp6_SCTP_PR_SUPPORTED(0xffffffffffffffff, 0x84, 0x71, 0x0, 0x0)
epoll_create1(0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000180))

2.541066092s ago: executing program 1 (id=1008):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
openat$vicodec0(0xffffffffffffff9c, &(0x7f00000004c0), 0x2, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000200)={0x44, r5, 0x211, 0x0, 0x0, {}, [@MPTCP_PM_ATTR_ADDR={0x30, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e21}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @loopback}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x1}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}]}]}, 0x44}}, 0x0)
sendmsg$MPTCP_PM_CMD_GET_LIMITS(r3, &(0x7f00000001c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000300)=ANY=[@ANYBLOB="94000000", @ANYRES16=r5, @ANYBLOB="04002abd7000fcdbdf2506000000050005000000000008000200020000001c0006800800060008000000060001000200000008000300ffffffff54000180080003007f0000010400fe80000000000000000000000000000000000000000000001206000100020000000800030064010102080006001f00000008001300e00000010000"], 0x94}, 0x1, 0x0, 0x0, 0x404c010}, 0x24040013)
setsockopt$inet6_tcp_TCP_ULP(0xffffffffffffffff, 0x6, 0x1f, 0x0, 0x0)
r6 = syz_io_uring_setup(0x88f, &(0x7f0000000140)={0x0, 0xaee2, 0x0, 0x2, 0xbfdffffc}, &(0x7f0000000000)=<r7=>0x0, &(0x7f0000000280)=<r8=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r7, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r7, r8, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3})
io_uring_enter(r6, 0x47f6, 0x0, 0x4, 0x0, 0x0)
r9 = syz_open_dev$dri(&(0x7f0000000100), 0x1f, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=@newtaction={0x70, 0x30, 0x0, 0x870bd2d, 0x0, {0x9}, [{0x5c, 0x1, [@m_sample={0x58, 0x0, 0x0, 0x0, {{0xb}, {0x2c, 0x2, 0x0, 0x1, [@TCA_SAMPLE_RATE={0x8, 0x3, 0x5}, @TCA_SAMPLE_RATE={0x8}, @TCA_SAMPLE_PARMS={0x18, 0x2, {0x8, 0x4000000, 0x0, 0x1ff}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x5}}}}]}]}, 0x70}}, 0x20048000)
r10 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r10, 0x8933, &(0x7f0000000100)={'batadv_slave_1\x00', <r11=>0x0})
r12 = socket$nl_route(0x10, 0x3, 0x0)
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000012c0)={0x0, 0x0, 0x0}, 0x0)
sendmsg$nl_route(r10, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="9000000010000305000000000000000000000700", @ANYRES32=0x0, @ANYBLOB="996e06004d4c0700540012800800010068737200480002800500030008000000050003000500000005000300fd00000008000200", @ANYRES32=r11, @ANYBLOB="08000100", @ANYRES32=r12], 0x90}, 0x1, 0x0, 0x0, 0x800}, 0x9815)
ioctl$DRM_IOCTL_MODE_SETPROPERTY(r9, 0xc01064ab, &(0x7f0000000240)={0x6})
socket$inet6_mptcp(0xa, 0x1, 0x106)
getsockopt(r0, 0x1, 0x5, &(0x7f00000002c0)=""/60, &(0x7f0000000400)=0x3c)

1.94551978s ago: executing program 2 (id=1009):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000300)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r1, 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb47, 0x9, 0x8, 0x80000001, 0x3}, 0x0)
r2 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x1, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_READ(r2, 0xc4c85512, &(0x7f0000000280)={{0xc}, 0x0, [0x40000000, 0x0, 0x4, 0x3, 0x10001, 0x0, 0x0, 0x0, 0x0, 0x8000000, 0x0, 0x2, 0x3, 0x4, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x5, 0x4829d, 0x0, 0x0, 0x0, 0x0, 0x1000008000, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0xfffffffffffffffc, 0x0, 0x9, 0x0, 0xfffffffffffffffc, 0x4, 0x0, 0x10000, 0x4, 0xfdfffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x1, 0x20040000000, 0x0, 0x8, 0x80000000, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x2, 0x0, 0x0, 0x100003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000000, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x7, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x40000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x1075, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x3, 0x7, 0x0, 0x20, 0x6, 0xffffffff80000001, 0x2, 0x0, 0xfffffffffffffffc, 0x4]})
r3 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x60240)
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r3, 0xc0a85320, &(0x7f0000000400)={{0x80}, 'port0\x00', 0xee, 0x1a1c17, 0x6, 0x0, 0x100000, 0xffffffff, 0x8})
r4 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000380), 0x2, 0x0)
ioctl$VIDIOC_S_STD(r4, 0x40085618, &(0x7f00000003c0)=0x800)
r5 = epoll_create(0x101)
epoll_ctl$EPOLL_CTL_ADD(r5, 0x1, r3, &(0x7f0000000080)={0x40000014})
r6 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r6, &(0x7f00000001c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000180)={0x0}, 0x1, 0x0, 0x0, 0x4080}, 0x40)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000140), 0x8417f, 0x0)
r7 = fsopen(&(0x7f0000000400)='ceph\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r7, 0x1, &(0x7f0000001680)='\xd0\x9e^\xa0\xee\xc8\x17T\xb1GI\x90\xe2Q1\xb0\x8f\xe1\xa8\x95\xa0\xcd\a\xa5\x8f\xab\x1a\xdaY\xfb\x03dhS\x97Uc\tnZ\xf8\xc6\x1f\xd3K\xfa\xc8\x8d#\xce)\x9bg-D#g\x16\xf4\xd9\x00\x00\x00\x00\x00eA\x9f\xc3\x11\x18\xe6\xc5\x95\x9e!^\x97\b\x14\xc5\xa1\t\f\xdeg\x8d\x16wW\xf6\xacE\xa3\xc8\xe7\x05\x00\xbd\x1c+\n\xc7Q( \xba\xff\x17N\x1fB\x91\x15\x83\xec(B4/#W\xc5\x05\x9d\xd6\x02\x8cU!a\xdc|6\xdc\xee$\xb5\x1deC\xfb\xa2\xaa\xe0#\xcb\xde;sA\xad\xa6\xb6P\xa3\xf7\xc3\x93\xd4\xb6\x95\x02\xd8*\xa8\xd2\x94\xa3\x89\xa9\xa0\xc5\xc9=\xc2^', &(0x7f0000000640)='dU|\xcbM\xe6\x91q\xe0\x05\xbes\xc0\xd2\xdb0}\xa6\xc4tly\xe0+\xb8~\xd9ymx\xa1\x06\xb4F\xf3Q:\xfem\xea\xed\xfc\x04\xf88\xe0\xa1&\xa8\xff\x10\xb3\xb2\x92N\f\x00!\xdbV\xc3\xca\r\x8c\xfb\x8esJ\xb3\x1bf\xce\v\x0e\xe3\xd5', 0x0)
fsconfig$FSCONFIG_SET_STRING(r7, 0x1, &(0x7f0000000280)='\xd0\x9e^\xa0\xee\xc8\x17T\xb1GI\x90\xe2Q1\xb0\x8f\xe1\xa8\x95\xa0\xcd\fL\xf1<e\a\xa5\x8f\xab\x1a\xdaY\xfb\x03dhS\x97nZ\xf8\xc6\x1f\xd3K\xfa\xc8\x8d#\xce)\x9bg-D#g\x16\xf4\xd9\x00\x00\x00\x00\x00eA\x9f\xc3\x11\x18\xe6\xc5\x95\x9e!^\x97\b\x14\xc5\xad\t\f\xdeg\x8d\x16wW\xf6\xacE\xa3\xc8\xe7\xec\xd6\xbd\x1c+\n\xc7Q( \xba\xff\x17N\x1fB\x91\x15\x83\xec(B4/#W\xc5\x05\x9d\xd6\x02\x8cU!a\xdc|6\xdc\xee$\xb5\x1deC\xfb\xa2\xaa\xe0#\xcb\xde;sA\xad\xa6\xb6P\xa3\xf7\xc3\x93\xd4\xb6\x95\x02\xd8*\xa8\xd2\x94\xa3\x89\xa9\xa0\xc5\xc9=\xa5^', 0x0, 0x0)
fsconfig$FSCONFIG_SET_STRING(r7, 0x1, &(0x7f0000001ec0)='\\$#[\\/\x00\xd5\xd4^\xa7\xe4\xd4\x1f.yh\x18\xb8s\xe6\f\xaf*4\xe1\xa1e\x04%f\x8f\xde\x91\x04\xbb\xc8\x17\x15\xa4\xf0\x00\x15w\x00\x00\xed\xdd}\x00\x18\xf3\xde\n\xbe\x91\xc4\xc5\xe6\xd3o\xaau\xf34\t\x9d\x80rg\xbc\xee\x96p\x18\x9e(h\xeb\xd9\xde\xa6\xfc\x8e\xe3,\xae\xa8\xf0\x82y\x91\x1c{\x85 \xc7P\xa3\x9c\x06\xc1\xd3\x92\xcd\xcc\x17\xb2}\x13:\xbbh\"%;\b\x7f\x91\x8a\xa5Z\x92~<\xfe3\x19\xdcVJ\f\xd1\x89d\xf9N\xbd\x92\x86\xa2\xa8\xc0:\x1f\n\xc9\x8eUO\x8e\xea\x99\xe1\xbe%Y\x9eH#\xa4\x9d5\xa88m6\x89kE\xce\xc3\aBW\xec_\xea_\x81\xbe\x86~\x84F\xa9\xcd\xba\xfb\xd8\x8f\x01\x81~\x9c#\r\x87\xcf\x19\xb9\xbd \xcb\xff\x88io\xb0\xb1\xa0B\x8cI\x82+\xc4\xcf\xf4!+\x16v\xb6\x8a\xb7k}\x1d\xf2\x1c\x00\x8f\xd7\x84R\x12\xed){SM[\xe6g6\xfeF\x1dJ\x83', &(0x7f00000003c0)='\xbd\x10\xe2\n\xc4\xa8\xa8\xb4\n?\a\x9e@O<\xf4s\x85~X\x85\xdc\x11\x04a\xf8\xa6f\x96nB\x02\x10+C$\f\xb3\xcc\xed\"M\xb6 V\xc5\x9a\x11o^', 0x0)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000200)={'wlan0\x00'})
socket$inet(0x2, 0x2, 0x0)
r8 = openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
syz_open_dev$vcsu(&(0x7f0000000240), 0x2, 0x101000)
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000001fc0)=ANY=[@ANYRESHEX, @ANYBLOB="8bf9bbb2362087f64555bca04ba1a2181542cd3579ff28a108cd3de1ecb0984284b6a5f9debe4877339b26bf6432667674e00bce9ceb3c5239ab510563baae2c90a95ef4df1458f7d98b806036e3a141be2606119e0d968f020a06c4499f2bcdd1a64cf7c58457706f27551d4ba7118d55dc1ea91955c37875347f570db72cd3def53bf3e89155a3d0357994bd93d36d28b337fff788d326d61517c08041557a6c9132706b0f875962908381e64609f95379af5221a04a049429aee4222f5daa335c35e3305565499481eb121bfacd8ed07ba71acdd4a64eab8fdd72094012aaac4ec866716710fd77f80a7de0adb10e361e1b563b960c18d400d729c8b26228f436dcd9a5007c9d085d9e16babf3d3d9eb97f06806631285cebd4ecf2787d58e0e12fa53f704e926adcdcc4173fc7f1650f9994b4dd6f81858cc4b600d5aa53933294cdfd70b7f0a36527e91838945688efa242268528bfce2e3665e362d8bd7918c0545d1c55274b8f21bd84fa9784b243b8c0ec9c8c4bb54094ef0e2e98de4b7b9f583874e208e29cba46f91d7868b023667ae400cf3eb3442faae72eb7a95552e086231f7e987237c388b7ba6faa0ea407363508b3a6428dd77a34b15c972201147ea7805de4c31bfb2ee41a147c56b57081203ff7e33aa955db0373125f824ca0b312afe67e5b53c556985af529d830022e670b16fb04c499a229bde2dcf76e0fdb2ad050d9f43f41af12a5850480c7e9a98adbea6e7484c03b6585603f28ca1cdfdf8af46d46d270e0c64c62a351b34f7804701d4a1a8e4c3207f9bceea05badab499e855a70f95209cefd6d32977f4ffec69855c066b782466fde281f5044a2d962ad7b6d148bce8106867bed00474e395385bd5ef588710e6e1c3d1b3b583d967e3513c0e6dcfff82175a50cbf57493c4475c61bb333a11d00a74a09120e18458e3cf7a9ca34a4668e887076cf5b637f94baae81a278fc0c27e38741505b9cccba8c7823ce97aa2222463fb27441aa2ed36bf9d219427208e511eef37192a9591375e2c818b33e126ed6e13a13ba4c973ce6d6bd9473144598eed461ba0aa06e3eef64798c88467fe933b73555a6c0317b74d5e402a22363de7050b960b5ab19fff0247fef5f97db36321331bad0e5eab386d9a0fc24457921d8f70ff1191ac0e0146e9442250c2cdfb808f30dbbb1e94156b7595a48221bbb302561687458f4ff42355e1d05ce3c06ad1cc7d9cf4a223f93d5d859e977c1fa83df5cce2fec8eaaa118283ad14d894d360ea32bd4ecf174eeb6994caa9300cdccc8383f532447acfc656a80db1dba5695fed2f8b5503ecbb7fbc5d8009988c86646ea8e8fafc09be9e1fa11c4368007be673a84091b896947d72e636286b951ba258a2d1499e3a2b673db6fd4896c255e799e16d80c8d59e3b4960c485e25412680368df34070b7bb7e48f558fbccff0898e206c141d576f296a60663027b3146cbd9376a2468b1d8599900fed1087ef3eca66fd137cb59f7d35e29453b9a4f4892957e5a84f79a9a0534f3c17bddd31601d03ff44882ccf6107359dbc735eac295ff611d96dcb99230ab989cf735c04135a629511ee3cfe9b1aae2de4033c167ec4492f6ae2aad34011cabcac93d0d5c2730101ea8f0fec7eb32b6860355830a24aefed8803690f94827939fb362fd3bfe60b78f51ebe002bccc2103228c997eb44e169a8eb3eb47251050a7819f0e44534631ddc903465948d68383d2a59d45daa292c2a09abe7d08be0a635ba82ef6c7e4e27750de5968d1270e11f2891370678cad2e1e9bc9518c7ecbb1aeecaeb29c4f92f173d42a653c20c1f16422af8749e93da28efc61ef16643db08624c170f83f1be198f8d3aaaa72db7206b7196ce65e38192a4a413cbfec126758aa713083a550cbf2c0dd70579aa7080714cca778bcdadf628771306f9cfba05bb169a2f8eba5224e12518f76324ebc00d5a510fb965cd56b1dd3f469a10a7ab97766d599a61577e162b087d4fd41f044ea16056c194a2bdf88056d5c2d57c3b3e30d8bfd3269b0c1c18c4752a36fb6ba6f92239c67d41083502d1561d9d1ef3f283ab5468e1d61bdcd47c1207ff9c8687c23eda022761e6b73a45e8182a7d00c20dbabe805777fb41588751754689d632875f62e063707befcdabfd252022ccb481e12425f41fe6dea53c516647e64397752f59c2bde42b20ebe0c604de5f8726be117c1cef3592cf844391d79c7c46ad7dfe7fa2654b4c53aae47851a4764de2c15930afc3645a6842ef5d3cc35708d99d0f1671099903ba97c5bb94cf2a3d4071c648a7e7e1cb4d97908d67600fd1b8cf7347c2f55ca8b00eaaa2876311fc57ec892b76b6794a0c514a75392e6451409bff86b1801996f7bfcb5bcc8bfbdce170118d5ab0d92adab7e16e0b6091ff89ea5a28b5f4f008d7b53bcf3eb3f66ec7bb1c8c9c6b9f2f3533adfc044b81223019027fad884cc8c6b0248ddcb49c30576d84a1eb1401e0f693b8f913809ab25902aff59e7def7b5440ed09daaf31cff60637456e69588f29eff968bf45524b965c7d36059fad0b1583278d5670c000447bca63bce08a745f86807e3e3d0b79d0fb0bbb9549094f3ea754cf727dd226d98cea6cbdd9da4921ea3806e942b39eef29c7c20b72b55e170d5ba749e7de35d3c4b6d41fa020c65660fb87c7b3e56c5838e654ec8210d1916c98f6c14278622ddfcf0749711eec35eab951d04e937d6deeaaef1f08492dfe201d49465fa3eef8639439ebbe3f3594cec545064d0c6d19abf79d5b08b701a1fdbeeb3dc5665d162409d8d30819d12de0bcaef42a83f3c928cad5e269b2510c747a480cabe728989d62acd0f50652e3cf2d6461fbc8dae1c7b456468dc1fa615d798bde9fbbd8e331c2831c398a0b9428c61730c61ae8c928400db2bf619d920b460705de3944df31b0e627ebbb89ef91a52f8ce2f747d27355cc8b2ed731be957e9898ab4ddd878ba99c131d344a97b608da160c5404be28efcad02e45ba16dde75d371c0f6820d04dfdb62b5983f3435eb1ff303b65bb031e8981f3cb41b24736f066174b0c2a79a503341214d055d4fe70933d9915e02c4f716c84bd62872a630af6469c864eb72f4ab28352a160dd8d4a0c9d688d8c078a154374c1f9dd5a8a6a04207a4ceeeff4af854cc3f4a9427b264b3da72f1c996bccce3fb0c9efd88344120616dbd04244418c6ba3cea246f9a376710d27b49824142cfa9bfe12bf2ae9e05dc8ba5af3550f072fa8aca252bb84ec609f45b33d6a78781c3251b0cff7f4cb2734d2a3d5a4ec6951eea6d14ff74a428700695de1a15e7e74a4723a041f81e419235eb5572530d08d0fcdd5679e8229336da6d037814809f288888b74cfd37947cc4a1ae57e5e3438bd6faa0046a692896795b4ae16539d63267f171ad0b532bf407fe17566db6a0c781ac832b5653d61911c0736354a4c4d515387baa470ee65647292ca98fd4b46cdef5cbf214c5da9e58bb006892acd67d179aecc84c721dad34c4242db99b5644b186ac8e2522df99cd285d544e131a61e556142494c78b39fc4feeba0a53ddd1bf6b4992a6392b58384ca7b316349d58991eecf8030032a60059b58c20fc26c2030cce7f42126eccae2665290a007be314a9a613de94a52cda569cd164d8081ed60327d7eec1f5f2afdfb7eab97461bb2eb2b4b8803f629af9906c08e825374c798416768817dbcf4051669bd7bbea287611b5ef36d21d50c40d892baad7183fe1cb1518bf099943085725af3310d95d65f6ae0074c74dbde36d775844e3f48fd0600bc4a5da82a0712f34731e1fa314e26b046db5e107b3f28a7b0c258578087e9098084ba7d427a129b8295692b80f0e4cd341c58686d12166bfe044f4626fbd4bd0d8e84075d408e4f60dc5d9d70a5fd6f91c9487968f5b74c2ad878f34686743a5fb2dc8a01d98ff14e6d0d39fb4fa31117a420aa2f3bc24be9c5f3e6ac86fa7f7c199ccd7ba7fc0d156e158494560d9b57420851a139a9c25af225ecdbb2ea8d15878926e171ea4ed589d47d315bdd38c5b190f2362afb404fb037f2f9ea652214ff0e84f35164312ad4bb7cef72ea477c5148df46675ef86b78b49b674f29b3c6d3dfddb12acf8e330b22b9b3e5beeca9465727de66e46b27476c82ec4ca7af623a49d375353c2888c3f2b2e3cb370a203e2e76cb88cc7a2878127efa0f239e5ec8f4817e121f5038f8dc4ad009136dc9640e02399c850819d0c9a1e8f09ae503dabee1c002d6b4825191a27c9602ef8db2b13347dd31f3a63c366a059b7e30250706ba1a850cfd817524c65"])
preadv(r8, 0x0, 0x0, 0xa, 0x984)
socket$nl_netfilter(0x10, 0x3, 0xc)

1.284352944s ago: executing program 3 (id=1010):
r0 = socket$nl_crypto(0x10, 0x3, 0x15)
setsockopt$netlink_NETLINK_LISTEN_ALL_NSID(r0, 0x10e, 0x8, &(0x7f0000000000)=0x1, 0x4)
recvmmsg(r0, &(0x7f0000001000)=[{{&(0x7f0000000040)=@sco={0x1f, @none}, 0x80, &(0x7f0000000340)=[{&(0x7f00000000c0)=""/37, 0x25}, {&(0x7f0000000100)=""/106, 0x6a}, {&(0x7f0000000180)=""/101, 0x65}, {&(0x7f0000000200)=""/23, 0x17}, {&(0x7f0000000240)=""/234, 0xea}], 0x5, &(0x7f00000003c0)=""/113, 0x71}}, {{&(0x7f0000000440)=@l2={0x1f, 0x0, @fixed}, 0x80, &(0x7f0000000800)=[{&(0x7f00000004c0)=""/62, 0x3e}, {&(0x7f0000000500)=""/242, 0xf2}, {&(0x7f0000000600)=""/76, 0x4c}, {&(0x7f0000000680)=""/199, 0xc7}, {&(0x7f0000000780)=""/77, 0x4d}], 0x5, &(0x7f0000000880)=""/70, 0x46}, 0x6}, {{&(0x7f0000000900)=@pppol2tp={0x18, 0x1, {0x0, <r1=>0xffffffffffffffff, {0x2, 0x0, @multicast1}}}, 0x80, &(0x7f0000000ec0)=[{&(0x7f0000000980)=""/146, 0x92}, {&(0x7f0000000a40)=""/149, 0x95}, {&(0x7f0000000b00)=""/221, 0xdd}, {&(0x7f0000000c00)=""/34, 0x22}, {&(0x7f0000000c40)=""/198, 0xc6}, {&(0x7f0000000d40)=""/74, 0x4a}, {&(0x7f0000000dc0)=""/127, 0x7f}, {&(0x7f0000000e40)=""/51, 0x33}, {&(0x7f0000000e80)=""/61, 0x3d}], 0x9, &(0x7f0000000f80)=""/82, 0x52}, 0x2}], 0x3, 0x2000, 0x0)
getsockopt$IP_VS_SO_GET_SERVICES(0xffffffffffffffff, 0x0, 0x482, &(0x7f00000010c0)=""/41, &(0x7f0000001100)=0x29)
getsockopt$inet_sctp6_SCTP_STATUS(r1, 0x84, 0xe, &(0x7f0000001140)={<r2=>0x0, 0x0, 0x3, 0x3, 0xa, 0xec, 0x5, 0xa, {<r3=>0x0, @in6={{0xa, 0x4e24, 0x2, @private0, 0xfff}}, 0x7, 0x1264, 0x16, 0x3, 0x5}}, &(0x7f0000001200)=0xb0)
setsockopt$inet_sctp_SCTP_STREAM_SCHEDULER_VALUE(r1, 0x84, 0x7c, &(0x7f0000001240)={r3, 0x8, 0x5}, 0x8)
sendmsg$nl_crypto(r1, &(0x7f0000001400)={&(0x7f0000001280)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f00000013c0)={&(0x7f00000012c0)=@getstat={0xe0, 0x15, 0x100, 0x70bd29, 0x25dfdbfd, {{'drbg_nopr_sha1\x00'}, '\x00', '\x00', 0xa3f76ae8bd72cb8d, 0x400}, ["", "", "", "", "", "", ""]}, 0xe0}}, 0x4004)
r4 = socket$nl_audit(0x10, 0x3, 0x9)
sendmsg$AUDIT_LIST_RULES(r4, &(0x7f0000001500)={&(0x7f0000001440)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f00000014c0)={&(0x7f0000001480)={0x10, 0x3f5, 0x100, 0x70bd27, 0x25dfdbfe, "", ["", "", ""]}, 0x10}, 0x1, 0x0, 0x0, 0x804}, 0x4000000)
setsockopt$inet_sctp_SCTP_RTOINFO(r1, 0x84, 0x0, &(0x7f0000001540)={r2, 0xc0, 0x0, 0x4}, 0x10)
ioctl$SOUND_PCM_READ_RATE(0xffffffffffffffff, 0x80045002, &(0x7f0000001580))
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f00000015c0)={'\x00', 0x5, 0x4, 0xd, 0xfffffffffffffff1, 0xe, <r5=>0x0})
fcntl$lock(r0, 0x6, &(0x7f0000001640)={0x1, 0x0, 0x0, 0x36, r5})
r6 = socket$inet_sctp(0x2, 0x5, 0x84)
getsockopt$inet_sctp_SCTP_CONTEXT(r1, 0x84, 0x11, &(0x7f0000001680)={<r7=>r2, 0xed}, &(0x7f00000016c0)=0x8)
getsockopt$inet_sctp_SCTP_STATUS(r6, 0x84, 0xe, &(0x7f0000001700)={<r8=>r7, 0x5, 0x101, 0x10, 0x1, 0x572, 0x2, 0xfffffffb, {r3, @in6={{0xa, 0x4e20, 0x10001, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x55}}, 0x6, 0xfffffffe, 0x1, 0x1}}, &(0x7f00000017c0)=0xb0)
setsockopt$inet_sctp_SCTP_I_WANT_MAPPED_V4_ADDR(0xffffffffffffffff, 0x84, 0xc, &(0x7f0000001800)=0xea, 0x4)
setsockopt$ALG_SET_AEAD_AUTHSIZE(r1, 0x117, 0x5, 0x0, 0x3)
bpf$OBJ_PIN_MAP(0x6, &(0x7f0000001880)=@o_path={&(0x7f0000001840)='./file0\x00', 0x1, 0x4000, r6}, 0x18)
r9 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f00000018c0), 0x1, 0x0)
sendfile(r9, r0, 0x0, 0xffffffffffff9b0d)
close(r4)
r10 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$inet_sctp_SCTP_MAXSEG(r10, 0x84, 0xd, &(0x7f0000001900)=@assoc_value={r8, 0x3}, 0x8)
r11 = openat$cgroup(0xffffffffffffffff, &(0x7f0000001940)='syz1\x00', 0x200002, 0x0)
openat$cgroup_ro(r11, &(0x7f0000001980)='pids.events\x00', 0x0, 0x0)
writev(r11, &(0x7f0000001d40)=[{&(0x7f00000019c0)="2d1e7db11202fbba4dc1276bc8e3be03a14d7b498c8cba9c66df8fec9dd6f29d9990adbb9e46276c49265f29a082939d7a8ec0571bcb478c1e7111b1b8a1eb846627c1da6ed0843dfa3c1cef60398bff40dd", 0x52}, {&(0x7f0000001a40)="74ce42f10704c499629aeb711867ca96ca2b5f9ad6534291bc1f1348f69b4dc31423ea038a8cda0d53d5645b63e92f58b9e93d223560c4e79a4e326a27472824205478fa4159543ce49fcc6f55500fc467044e6475bcd06517d690ee528a144edf84edc534ac226947c330e6fccb1bfc89c42b7c6bb423530dd67a42f38bdba8fdb521bbe5d9e028ba3c55b9e96728df6934d09851c4948d0097c2b1ccbbcc28c96c365365aa66db4fdcd60d04a0dbf2c4ef6936e89d466a83acf742877f8a1b3cdb8d413202a9ac0183", 0xca}, {&(0x7f0000001b40)="c7b741e698e310ac38bd6e198e14cda56536d919c22c5fec3b33435e76810b", 0x1f}, {&(0x7f0000001b80)="6c1784c3984f948a38285d2dc7cb8a17e777494d1fe9fe73bcacd3d137ed2192d0a1156e4f54907bb1b02378d633a3fe89d94ea791ec87a1050113c427d7ae303db7dd11fff8ec4c048abf6273e8f2284ef3f63dd32e21ea246a57dbf373309b8ebf629be9b79d913fa2c56af13b76474f91c5d14fb3376d0a15ee04b5dfab42a5677464a7d885b1964604e9ff0883b100ab0467bff89fbacf6883f7df4aed9ee79afb7fa590b4db37369d6a2d7b18d2ab7540af60e0530598c043cc07967bf4b02ad4e7401680c7abc0a936b821f65b1fe341edffd670c210ff9545a26f78bbfc196445baf39f07781ff823671377840a049953", 0xf4}, {&(0x7f0000001c80)="f14a7ff2fe60186293e89dca885df9338a0d3e4d6829794077e8a28d15de89749c1e267a8b4c457d9c1ae232970f4655c6567ab0751eb236ad1e8a3e7b4ede402e52a44dbc0883ee4145b14598cdf1162823989e8d52e82ecafb8443fc8310a9a5edef0e268a34c360f9d330f079f01e8224af6997b8bd51fb0f5d0254a3ee7c36f4da8d368259050c117bf160a7a3f6c82a292937fa512c6e57c85177ef34b292056cab", 0xa4}], 0x5)
r12 = accept(0xffffffffffffffff, &(0x7f0000001dc0)=@l2={0x1f, 0x0, @fixed}, &(0x7f0000001e40)=0x80)
clock_gettime(0x0, &(0x7f00000074c0)={<r13=>0x0, <r14=>0x0})
recvmmsg(r12, &(0x7f0000007240)=[{{&(0x7f0000001e80)=@ethernet={0x0, @dev}, 0x80, &(0x7f00000020c0)=[{&(0x7f0000001f00)=""/240, 0xf0}, {&(0x7f0000002000)=""/2, 0x2}, {&(0x7f0000002040)=""/125, 0x7d}], 0x3, &(0x7f0000002100)=""/175, 0xaf}, 0x8}, {{0x0, 0x0, &(0x7f0000003440)=[{&(0x7f00000021c0)=""/49, 0x31}, {&(0x7f0000002200)=""/171, 0xab}, {&(0x7f00000022c0)}, {&(0x7f0000002300)=""/27, 0x1b}, {&(0x7f0000002340)=""/233, 0xe9}, {&(0x7f0000002440)=""/4096, 0x1000}], 0x6, &(0x7f00000034c0)=""/60, 0x3c}, 0x1}, {{&(0x7f0000003500)=@sco, 0x80, &(0x7f0000003940)=[{&(0x7f0000003580)=""/57, 0x39}, {&(0x7f00000035c0)=""/32, 0x20}, {&(0x7f0000003600)=""/58, 0x3a}, {&(0x7f0000003640)=""/148, 0x94}, {&(0x7f0000003700)=""/194, 0xc2}, {&(0x7f0000003800)=""/178, 0xb2}, {&(0x7f00000038c0)=""/60, 0x3c}, {&(0x7f0000003900)=""/62, 0x3e}], 0x8, &(0x7f00000039c0)=""/4096, 0x1000}, 0x13}, {{&(0x7f00000049c0)=@rc={0x1f, @fixed}, 0x80, &(0x7f0000004c00)=[{&(0x7f0000004a40)}, {&(0x7f0000004a80)=""/218, 0xda}, {&(0x7f0000004b80)=""/91, 0x5b}], 0x3, &(0x7f0000004c40)=""/51, 0x33}, 0x5}, {{&(0x7f0000004c80)=@xdp, 0x80, &(0x7f0000004ec0)=[{&(0x7f0000004d00)=""/189, 0xbd}, {&(0x7f0000004dc0)=""/207, 0xcf}], 0x2, &(0x7f0000004f00)=""/112, 0x70}, 0x200}, {{&(0x7f0000004f80)=@pppol2tpin6, 0x80, &(0x7f0000005480)=[{&(0x7f0000005000)=""/110, 0x6e}, {&(0x7f0000005080)=""/134, 0x86}, {&(0x7f0000005140)=""/71, 0x47}, {&(0x7f00000051c0)=""/27, 0x1b}, {&(0x7f0000005200)=""/185, 0xb9}, {&(0x7f00000052c0)=""/7, 0x7}, {&(0x7f0000005300)=""/133, 0x85}, {&(0x7f00000053c0)=""/89, 0x59}, {&(0x7f0000005440)=""/26, 0x1a}], 0x9}, 0x4}, {{&(0x7f0000005540)=@hci, 0x80, &(0x7f0000005700)=[{&(0x7f00000055c0)=""/226, 0xe2}, {&(0x7f00000056c0)=""/28, 0x1c}], 0x2, &(0x7f0000005740)=""/4096, 0x1000}, 0xfffffffd}, {{&(0x7f0000006740)=@xdp, 0x80, &(0x7f0000006a40)=[{&(0x7f00000067c0)=""/161, 0xa1}, {&(0x7f0000006880)=""/79, 0x4f}, {&(0x7f0000006900)=""/36, 0x24}, {&(0x7f0000006940)=""/168, 0xa8}, {&(0x7f0000006a00)=""/46, 0x2e}], 0x5, &(0x7f0000006ac0)=""/100, 0x64}, 0x58}, {{&(0x7f0000006b40)=@xdp, 0x80, &(0x7f0000006fc0)=[{&(0x7f0000006bc0)=""/81, 0x51}, {&(0x7f0000006c40)=""/130, 0x82}, {&(0x7f0000006d00)=""/53, 0x35}, {&(0x7f0000006d40)=""/112, 0x70}, {&(0x7f0000006dc0)=""/183, 0xb7}, {&(0x7f0000006e80)=""/206, 0xce}, {&(0x7f0000006f80)=""/63, 0x3f}], 0x7, &(0x7f0000007040)=""/96, 0x60}, 0x4899}, {{&(0x7f00000070c0)=@isdn, 0x80, &(0x7f0000007180)=[{&(0x7f0000007140)=""/33, 0x21}], 0x1, &(0x7f00000071c0)=""/94, 0x5e}, 0x9}], 0xa, 0x122, &(0x7f0000007500)={r13, r14+60000000})

649.98767ms ago: executing program 0 (id=1011):
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = memfd_create(&(0x7f0000000340)='-&:\n-\xb2];\x0f\xb2\x86NV6&\x01=\x94Z}\xfaW~\xae\x87\x88\xea\xde\xd9=-\x01\x00\x00\x80=\x1d\x8bl\xd5\xc3DE\xaf0\x8e\xac\xf2r#TZ>\xfb\xdf\xc1\xd4\xd1\xee\x88\xebI\xab\xf6\xab}\x85\x18 \x8a\x8aG:\xacD-\x99JD/~\xd6\xb5m\xac\x8d\x1d\x1c\xe9\xe5<\xfcP)E\xc1\x8e\xeb\xc9\x158Mq\x01\xe1\xf6-\xc3\xaa\x9a\x9be\xcd\xf2\xde\xccx\x1f\x0fne\xe8C\xe4Y\xc9\vR2fY\x8e\x9d\x97 \x00\x00\x00\x00\xe8W\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xe6JV\x80\xdd\x96F\xc90}SH\xe8\xd4RV\xb6\xc9h\xfb\xf3#\xcb\x14a\xab\b\x05\x7f\xaa\x92AjYg\xef\xfb\x1fn.\x7f\xb1\xe26~$\xa9\v\x9b|>\xf5G\xb5\xac/\xc3n\x16\xee\xdf\xd0a', 0x5)
fcntl$setlease(r0, 0x400, 0x0)
syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
r1 = socket(0x10, 0x3, 0x0)
mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1000, 0x0)
r2 = dup(r1)
syz_usb_control_io$sierra_net(0xffffffffffffffff, &(0x7f0000000f80)={0x14, 0x0, 0x0}, 0x0)
r3 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
ioctl$EVIOCSFF(r3, 0x40304580, &(0x7f0000000b40)={0x52, 0x1, 0x1, {0x0, 0x1}, {0x63, 0x2}, @period={0x58, 0x0, 0x0, 0x3, 0x80, {0x1, 0x8001, 0xf, 0x1}, 0x0, 0x0}})
write$char_usb(r3, &(0x7f0000000040)="e2", 0x2250)
ioctl$EVIOCGKEY(r3, 0x80404518, &(0x7f0000000680)=""/211)
openat2$dir(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180)={0x400000, 0x120, 0x69}, 0x18)
sendmsg$OSF_MSG_REMOVE(r2, &(0x7f0000000380)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000340)={&(0x7f0000000b40)=ANY=[@ANYBLOB="64090000010505000000000000000000000000025402010001000000020000000003040040000a0073797a3100000000000000000000000000000000000000000000000000000000306c8f0d0cb164a7e3c3666cf8552692fb9eeae5f99da47f4b38e946be7a86c9b33a29e676a68cae7b369189c0acc3dd33cb87eeb1fee782a7df30d7294f6830a6fb05000300000040000000060003000000000002000000ffff000202000000080000000600040002000000050000000900810000000000030000000600000402000000fbffffff650b5c0b0100000066ffffff03000600000000000000000001000008010000002a00000003000200020000000100000000e000040100000008000000070001000200000080000000090003000300000084f9a1050000323102000000040000000700030001020000070000000800090028ac301e018000000600090000000000100000000000090003000000508000000500db0a0000000008000000630f09000000000000000000080007000100000000020000100004000000000002000000060007000100000007000000ff0106000100000005000000f102f50000000000770000000400010103000000070000000800020000000000feffffff0500ae00003b6a4b82c28537eb000000060000000200030001000000010100000004170d00000000010000000000290003000000050000000800243c03000000009000007f000100030000000900000001000f000000000035020000ca000900010000005d6d0000f7ff0700020000000080ffff0000000002000000400000000c00fdff01000000400000000600afaa02000000ac00000000002f0c000000000000020054020100000000000700000007074500d4971b0073797a30000000000000000000000000000000000000000000000000000000001314713a2352e66299ead0cfdfc3e679d9d2d2cff8c3e4645b7f1e68f6cedf2c3fea3e3e4ab8caa3eef17d00d3fa6352d200a78c996b2d15d117b6963ccc111e000005000100000003000000ff011b05020000008100000005000000000000000080040008000a0003000000000000000100030000000000030000000800ff0701000000070000001f8f030003000000e28100000f0004000200000077410000020000f8030000000500000000000000020000000700000004000700000000000700000004000700010000007f0000000080080003000000352e00000400050003000000080000000400eb01010000000000000000000000010000000800000001000100030000000400000009000180010000000400000002000000030000003f00000076cc7f00030000000600000001000001010000000800000005000800010000000000000004008ae5030000008d6a0000010405000300000005000000020004000000000003000000ff0f580001000000010000807f002600010000000f0000000f000100010000000400000000000400030000000400000006000900010000000b0000000600ff0300000000f20b0000030008000000000000000000060070000200000009000000060006000100000007000000060001000300000002000000fbff0300010000000700000007000900010000000b0b00000800001002000000010000000100080002000000090000000700060000000000080000005402010000000000090000000603dd070000240073797a3100000000000000000000000000000000000000000000000000000000d54352a4fe02c2f8407bb487ba4897d16f31522acaada89687232e0c457193eb02381078ff085b9a5dff5960076f57aef10e3849daa55ab3dadac59168292b030600020001000000050000000700093b02000000000001000600010000000000080000007f000200030000000300000000043eb00300000000000000c91301000200000000000000070008000000000002000000fdff05000100000004a6000003000300020000008100000000000d0000000000090000000300080002000000070000000000000000000000aab4ffff0500008000000000e0c30000ff0f0a0002000000000000000200070000000000ff7f00000600230003000000ffffff7f04000d00030000000300000009000100000000000100010040004848060000000800000001010700030000000d00000008000f00000000000700000000006907020000008f000000e80008000300000006000000040000fc0300000000000000060007000000000005000000020005000100000000000100080034a50100000008000000810084a3d20fb8be0a0000000100050003000000e50d00000d00020001000000010000000500b2080300000003000000ff01000101000000ff0f00000d0005000300000006000000429e0a0001000000ce7900000000a50c03000000070000000700030000000000040000000e00040000000000070000000000da08000000000c000000008008000300000004000000040077040100000005000000540201000000000005000000100220000300110073797a30000000000000000000000000000000000000000000000000000000006136e788b63fdb1df1769135e7bba85be82895a56889e63d7ef6850decf77693e4705824adc8cdfb5048072e75124a8c09a9f6712cad574bbf5ed7324717e0def1ff220d000000000c00000003005302020000007d0300000900ff010000000004000000060001000300000002000000ff0707000300000001000000000001000300000002000000020010000000000004000000f7ff08000200000003000000010005000100000008000000fcff000100000000e00700000900ffff49183ec201000000ff030800000000009b080000070006000000000006000000060001f801000000040000000200b40900000000ff070000ff03fdff060000000004000000010100020000000200000003005a8803000000001000000000020003000000090000000600ff07020000002f0000000a0081000000000003000000e508020003000000030000000b00040003000000640c00000900030000000000010000000000070000000000040000000600060003000000040000000300ff03010000000c0000000800538301000000ff000000ff7f07000100000001000100ff070100030000000400000009000700000000007f0000000300090000000000070000000600070002000000040000005e08000003000000020000001000000002000000060000000400c0010000000008000000080007000200000073000000010000000100000008000000040002000300000072d0000002000500"], 0x964}, 0x1, 0x0, 0x0, 0x4}, 0x4000)
r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x8000}})
r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mountinfo\x00')
ppoll(&(0x7f0000000240)=[{r5, 0x4080}], 0x1, 0x0, 0x0, 0x0)
umount2(&(0x7f0000000080)='./file0\x00', 0xb)
setsockopt$netlink_NETLINK_TX_RING(r1, 0x10e, 0xc, &(0x7f00000001c0)={0x5813}, 0x10)
r6 = socket(0x10, 0x3, 0x0)
r7 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$inet6_mreq(r7, 0x29, 0x1b, &(0x7f0000000100)={@loopback}, 0x14)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000000)={'lo\x00', <r9=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000001c0)=@newqdisc={0x48, 0x24, 0xd0f, 0x0, 0x0, {0x60, 0x0, 0x0, r9, {0x0, 0x2}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_prio={{0x9}, {0x18, 0x2, {0x8, '\x00\x00\x00\x00\x00\x00\x00\x00\x00\b\x00'}}}]}, 0x48}}, 0x4000084)
sendmsg$nl_route(r1, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000001640)={&(0x7f0000001700)=ANY=[], 0x24}}, 0x4044)
sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_SET(r1, &(0x7f00000002c0)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000280)={&(0x7f0000000480)=ANY=[@ANYBLOB="1400000006000000000000fdffffffacb4bd630df09c8c7ca8285977654c33890bddb1ff518e055d89f142a11cbfce7d70f94c1814607617ef6ecccde14d4033bcde817b63bf038b919754d79ef9e68c4c25905847da5f8e"], 0x14}, 0x1, 0x0, 0x0, 0x9}, 0x0)

583.105644ms ago: executing program 2 (id=1012):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="b80000001300e9990000000000000000fc000000000000000100000000000000ac1e000100000000000000000000000000000000000002000a0060"], 0xb8}}, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=@updpolicy={0xb8, 0x13, 0xcb23c9c9931e99e9, 0x0, 0x25dfdbfe, {{@in6=@private0={0xfc, 0x0, '\x00', 0x40}, @in6=@ipv4={'\x00', '\xff\xff', @loopback}, 0x0, 0x400, 0x0, 0x0, 0xa, 0x60, 0x0, 0x0, 0x0, 0xee01}, {}, {}, 0x1}}, 0xb8}, 0x1, 0x0, 0x0, 0x80}, 0x0)
r3 = socket$key(0xf, 0x3, 0x2)
setsockopt$sock_int(r3, 0x1, 0x8, &(0x7f00000001c0), 0x4)
sendmsg$key(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=ANY=[@ANYBLOB="020b000102"], 0x10}}, 0x0)
sendmsg$key(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000240)=ANY=[@ANYBLOB="0212000002"], 0x10}}, 0x0)
sendmsg$nl_xfrm(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=@updpolicy={0xb8, 0x13, 0xcb23c9c9931e99e9, 0x0, 0x0, {{@in6=@private0, @in=@initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, 0xa, 0x40, 0x0, 0x0, 0x0, 0xee01}, {0x0, 0x0, 0x9}, {0x0, 0x5}}}, 0xb8}}, 0x4000)

491.851401ms ago: executing program 1 (id=1013):
r0 = openat$cuse(0xffffffffffffff9c, &(0x7f00000047c0), 0x2, 0x0)
read$FUSE(r0, &(0x7f0000004800)={0x2020, 0x0, <r1=>0x0}, 0x2020)
preadv(r0, &(0x7f000000a3c0)=[{&(0x7f00000081c0)=""/4096, 0x1000}, {&(0x7f00000093c0)=""/4096, 0x1000}], 0x2, 0x1000, 0x7)
write$FUSE_DIRENTPLUS(r0, &(0x7f000000a640)={0x10, 0xfffffffffffffffe, r1}, 0x10)
name_to_handle_at(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/cgroup.procs\x00', &(0x7f0000000240)=@FILEID_UDF_WITH_PARENT={0x14}, &(0x7f0000000280), 0x1600)

431.79712ms ago: executing program 4 (id=1014):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000004300), 0x1, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x10002e)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) (async)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, 0x0}], 0x1, 0x6d, 0x0, 0x0) (async)
ioctl$KVM_RUN(r2, 0xae80, 0x0) (async)
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000000)={0x8, 0x6})

318.182196ms ago: executing program 2 (id=1015):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000100)={0x1, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB="180000000a0000000000000000ffffffbf0010000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x1}, 0x94)

258.996958ms ago: executing program 3 (id=1016):
r0 = syz_open_dev$vim2m(&(0x7f0000000000), 0xa0, 0x2)
ioctl$BTRFS_IOC_WAIT_SYNC(r0, 0x40089416, &(0x7f00000002c0))
ioctl$vim2m_VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f00000001c0)={0x0, @vbi={0x4, 0xfffff000, 0x50323230, 0x59565955, [0x8000, 0x8], [0xffffffff, 0x1], 0x13a}})
r1 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_DONE(r1, 0x0, 0xc9, 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_VERSION(0xffffffffffffffff, 0xc0189371, &(0x7f0000000040)={{0x1, 0x1, 0x18, <r2=>0xffffffffffffffff}, './file0\x00'})
r3 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r3, &(0x7f0000000080)={0x26, 'hash\x00', 0x0, 0x0, 'cmac(aes)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r3, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r4 = accept4$alg(r3, 0x0, 0x0, 0x800)
r5 = dup(r4)
sendmsg$xdp(r5, &(0x7f0000000880)={0x0, 0x0, &(0x7f0000000800)=[{&(0x7f0000000440)="fabe", 0x2}, {&(0x7f0000000500)="9321", 0x2}], 0x2, 0x0, 0x0, 0x4080}, 0x240400c0)
r6 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$TIPC_CMD_SHOW_STATS(r2, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x1c, r6, 0x120, 0x70bd2b, 0x25dfdbff, {}, ["", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000}, 0x8000084)

230.053561ms ago: executing program 1 (id=1017):
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x161042, 0x0)
ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f0000000000)=0x2)
ioctl$PPPIOCSPASS(r0, 0x40107447, &(0x7f0000000100)={0x2, &(0x7f0000000080)=[{0x40, 0x0, 0x38, 0x40000004}, {0x6, 0xfc, 0x0, 0x4000000}]})
ioctl$PPPIOCSDEBUG(r0, 0x40047440, &(0x7f0000000240)=0x10001)
socket$nl_route(0x10, 0x3, 0x0)
setsockopt$inet_sctp_SCTP_RECONFIG_SUPPORTED(0xffffffffffffffff, 0x84, 0x75, &(0x7f0000000100)={0x0, 0x4}, 0x8)
openat$apparmor_task_exec(0xffffffffffffff9c, 0x0, 0x2, 0x0)
mmap(&(0x7f0000568000/0x3000)=nil, 0x3000, 0x0, 0x10010, 0xffffffffffffffff, 0xbd8d0000)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, 0x0}], 0x1, 0x4, 0x0, 0x0)
ioctl$KVM_SET_MSRS(r3, 0x4008ae89, &(0x7f0000000280)={0x1, 0x0, [{0x40000073, 0x0, 0x81}]})
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f00000bd000), 0x318, 0x0)
lseek(0xffffffffffffffff, 0xfffffffffffffffd, 0x1)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x60600, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x20000002f)
ioctl$KVM_SET_USER_MEMORY_REGION(r7, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)
ioctl$KVM_PRE_FAULT_MEMORY(r8, 0xc040aed5, &(0x7f00000000c0)={0x100000, 0x21d000})
getsockname$packet(0xffffffffffffffff, &(0x7f0000000140)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x3c, 0x0, 0x0)
r9 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r9, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4000}, 0x0)

166.149548ms ago: executing program 4 (id=1018):
syz_usb_connect(0x5, 0x24, &(0x7f0000000300)={{0x12, 0x1, 0x0, 0x92, 0x20, 0x2c, 0x40, 0x1943, 0x2255, 0x9220, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0xc0, 0x81, [{{0x9, 0x4, 0x53, 0x0, 0x0, 0x73, 0xc4, 0x3f}}]}}]}}, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x1d, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x4, 0x40, 0x7fff0000}]})
r0 = socket$kcm(0x11, 0x2, 0x0)
setsockopt$sock_attach_bpf(r0, 0x107, 0x14, &(0x7f0000000000), 0x4)
sendmsg$kcm(r0, &(0x7f00000000c0)={&(0x7f0000000280)=@tipc=@nameseq={0x1e, 0x1, 0x1, {0x42, 0x2, 0x2}}, 0x80, 0x0}, 0x4000880)
sched_setscheduler(0x0, 0x1, 0x0)

161.263221ms ago: executing program 2 (id=1019):
r0 = syz_open_dev$loop(&(0x7f0000000700), 0x47dfffb, 0xc2200)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r0, 0x0)
r1 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000240)="d80000001c0081044e81f782db44b9040a1d080214000000020003a118000c000300000000000e1208000f0100810401a8001600200001400300000803600cfab94dcf5c0461c1d67f6f94007134cf6ee08000a0e408e8d8ef075c11503c6bbace8017cb090000041fb791643a5ee4001b146218a07445d6d930dfe1d9d322fe7c9fd68775730d16a4683f5aeb4edbb57a5025ccca9e00360db70100000040fad95667e0060000000000000080bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd68adbef3d93452a000000000000000000000001c08e2903b888c7e2f28b181a267ce0c03540f6f9d9b62910e2b1638876", 0xf6}], 0x1, 0x0, 0x0, 0x7400}, 0x20000080)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000000), 0x88002, 0x0)
pwritev(r3, &(0x7f00000000c0)=[{0x0, 0x4f}, {&(0x7f0000000140)="de", 0x1}], 0x2, 0x0, 0x0)
r4 = syz_genetlink_get_family_id$devlink(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_GET(r3, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)={0x11c, r4, 0x1, 0x70bd27, 0x25dfdbfd, {}, [@DEVLINK_ATTR_PORT_INDEX={0x8}, @DEVLINK_ATTR_RATE_NODE_NAME={0x9f, 0xa8, @random="da7ab4449ae1e2a6d76f596404686113065dd8e49a90eac9e88e82673654fce11d2bb54a3e3ee0eb7591163cd1089821afe2a9448ba7cc961cc3450b36ffd551c5784bdaf289d9a12929f54265fd72ff6a308d6166fe0d69b85c5ec6b131ea691a2e497be3d5821f4d7105ca8acccc025f8313dd07c7d1414e9a8226bbd7e8a8cb6bcd96f017b252947191e46d31548dbca5dcb56a2ba7f6bf0c88"}, @DEVLINK_ATTR_RATE_NODE_NAME={0xf, 0xa8, @name2}, @DEVLINK_ATTR_RATE_NODE_NAME={0xf, 0xa8, @name2}, @handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x11c}, 0x1, 0x0, 0x0, 0x2400c001}, 0x50)
sendmsg$NFT_BATCH(r2, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x7c}}, 0x0)
fchmodat(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0xfffffed3)
sendmsg$NFT_BATCH(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000700)={{0x14}, [@NFT_MSG_NEWRULE={0x2c, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x54}, 0x1, 0x0, 0x0, 0x2000094}, 0x4000800)

0s ago: executing program 3 (id=1020):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
sched_setattr(0x0, 0x0, 0x0)
listxattr(0x0, &(0x7f0000000540)=""/212, 0xd4)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20042, 0x0)
r2 = bpf$TOKEN_CREATE(0x24, &(0x7f0000000140), 0x8)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000040)={&(0x7f0000000940)=ANY=[@ANYBLOB="9feb01001800000000000000ac000000ac000000090000000600000000000008000000000400000004000006040000000f0000000700000004000000b50b000009000000040000000a000000000000000500000004000005090000000f00000003000000120a00000c00000002000000010000000c0000000300000001000000080000000400000000000000030000000000000200000000000000000100000d0000000001000000020000000f000000000000100c0000000b0000000000000c04000000005f2e306100616100dd0adf93df3ff8667352b3be363bba82a3f9dbdd999e542007535a769594a0247235e825604abf46a34ee5186c8bfc49f19d6b48ae8329104bfd8f91a2dd7ff2844e2c3876c564d4d9a3b1b0c5b0e6cf"], &(0x7f0000000840)=""/228, 0xcd, 0xe4, 0x1, 0x7f, 0x10000, @value=r2}, 0x28)
ioctl$KVM_IOEVENTFD(0xffffffffffffffff, 0x4040ae79, &(0x7f0000000240)={0x1, 0xffff0fff, 0x1, 0xffffffffffffffff, 0x1})
ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(0xffffffffffffffff, 0x80045530, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x40}, 0x0)
sendmsg$NFT_BATCH(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000680)=ANY=[@ANYBLOB="14000000100001000000000000b890c1a000000a80000000160a01030000000000000000020000000900020073797a30000000000900010073797a30000000005400038008000240000000000800014000000000400003801400010076657468315f746f5f6272696467650014000100776732000000000000000000000000001400010076657468305f746f5f7465616d00"], 0xa8}}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000240)=@newlink={0x48, 0x10, 0xffffffffffffffff, 0x70bd27, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, 0x50a32, 0x23}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x18, 0x2, 0x0, 0x1, [@IFLA_BR_GROUP_FWD_MASK={0x6}, @IFLA_BR_GROUP_ADDR={0xa, 0x14, @random="15714bc789a3"}]}}}]}, 0x48}, 0x1, 0x0, 0x0, 0x1}, 0x4008000)
r4 = mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x1000002, 0x13, 0xffffffffffffffff, 0x0)
r5 = userfaultfd(0x80801)
ioctl$UFFDIO_API(r5, 0xc018aa3f, &(0x7f00000000c0))
ioctl$UFFDIO_REGISTER(r5, 0xc020aa00, &(0x7f0000000240)={{&(0x7f0000ffa000/0x3000)=nil, 0x3000}, 0x1})
syz_memcpy_off$KVM_EXIT_HYPERCALL(r4, 0x20, &(0x7f0000000000)="0900bf65653f47f4020000008bd458d1e7cbdaf300000f34e7e4165f081ae36850f6d15c3e681411f7a496c0da04003c242f5bedaf6bec340dee49474362b24cb800edc500", 0x0, 0x48)
statx(0xffffffffffffffff, &(0x7f00000001c0)='./file0\x00', 0x100, 0x94, 0x0)
syz_memcpy_off$KVM_EXIT_MMIO(r4, 0x20, &(0x7f0000000080)="3c9c7f3ca6ed7fadd9c2da32b98ae7d4f05cbccca68099fc", 0x0, 0x18)
ioctl$UFFDIO_WAKE(r5, 0x8010aa02, &(0x7f0000000280)={&(0x7f0000fff000/0x1000)=nil, 0x1000})

kernel console output (not intermixed with test programs):

Number: syz
[  230.946205][ T5864] usb 5-1: config 0 descriptor??
[  230.956000][ T7733] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  230.996211][ T7733] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  231.013053][ T5864] gs_usb 5-1:0.0: Required endpoints not found
[  231.088143][ T7734] netlink: 32 bytes leftover after parsing attributes in process `syz.2.471'.
[  231.129738][    T9] usb 1-1: USB disconnect, device number 19
[  231.407733][ T7744] fuse: Bad value for 'fd'
[  231.531261][   T10] usb 4-1: new high-speed USB device number 24 using dummy_hcd
[  231.611012][ T7745] netlink: 4 bytes leftover after parsing attributes in process `syz.4.469'.
[  231.702435][ T7747] fuse: Bad value for 'group_id'
[  231.707469][ T7747] fuse: Bad value for 'group_id'
[  231.718650][ T7747] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  231.721395][   T10] usb 4-1: Using ep0 maxpacket: 8
[  231.727661][ T7747] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  231.741030][ T7747] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  231.766553][ T7747] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  231.812808][   T10] usb 4-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[  231.826092][   T10] usb 4-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[  231.845810][   T10] usb 4-1: config 1 has no interface number 1
[  231.860610][   T10] usb 4-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  231.886142][   T10] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  231.907124][   T10] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  231.919109][   T10] usb 4-1: Manufacturer: ೵侻ਙȯﺨ╹沛�
[  232.178186][   T10] usb 4-1: 2:1 : UAC_AS_GENERAL descriptor not found
[  232.429978][   T10] usb 4-1: USB disconnect, device number 24
[  232.477178][ T5985] udevd[5985]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  232.501731][ T5958] usb 1-1: new high-speed USB device number 20 using dummy_hcd
[  232.606127][ T7756] netlink: 596 bytes leftover after parsing attributes in process `syz.1.477'.
[  232.681398][ T5958] usb 1-1: Using ep0 maxpacket: 16
[  232.724159][ T7754] netlink: 60 bytes leftover after parsing attributes in process `syz.0.476'.
[  232.733485][ T7754] netlink: 28 bytes leftover after parsing attributes in process `syz.0.476'.
[  233.332969][   T24] usb 5-1: USB disconnect, device number 17
[  233.773475][   T10] usb 3-1: new high-speed USB device number 19 using dummy_hcd
[  234.059040][   T10] usb 3-1: device descriptor read/64, error -71
[  234.419785][   T10] usb 3-1: new high-speed USB device number 20 using dummy_hcd
[  234.632942][   T10] usb 3-1: device descriptor read/64, error -71
[  235.000039][   T10] usb usb3-port1: attempt power cycle
[  235.401323][   T10] usb 3-1: new high-speed USB device number 21 using dummy_hcd
[  235.532860][   T10] usb 3-1: device descriptor read/8, error -71
[  235.951366][   T10] usb 3-1: new high-speed USB device number 22 using dummy_hcd
[  236.252153][   T10] usb 3-1: device descriptor read/8, error -71
[  236.365059][   T10] usb usb3-port1: unable to enumerate USB device
[  236.391867][ T5958] usb 1-1: unable to get BOS descriptor or descriptor too short
[  236.476022][ T5958] usb 1-1: unable to read config index 0 descriptor/start: -71
[  236.491126][ T5958] usb 1-1: can't read configurations, error -71
[  237.188590][ T7802] netlink: 596 bytes leftover after parsing attributes in process `syz.4.490'.
[  237.311806][ T5960] usb 3-1: new high-speed USB device number 23 using dummy_hcd
[  237.481721][ T5960] usb 3-1: Using ep0 maxpacket: 8
[  237.512758][ T5960] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  237.543702][ T5960] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  237.564886][ T7807] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  237.574154][ T5960] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  237.574189][ T5960] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  237.627775][ T7807] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  237.685379][ T5960] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  237.701202][ T5960] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  238.007858][ T5960] usb 3-1: usb_control_msg returned -71
[  238.027499][ T5960] usbtmc 3-1:16.0: can't read capabilities
[  238.121550][ T5958] usb 5-1: new high-speed USB device number 18 using dummy_hcd
[  238.164170][ T5960] usb 3-1: USB disconnect, device number 23
[  238.338404][ T5958] usb 5-1: Using ep0 maxpacket: 16
[  238.406793][ T7813] netlink: 60 bytes leftover after parsing attributes in process `syz.4.495'.
[  238.416104][ T7813] netlink: 28 bytes leftover after parsing attributes in process `syz.4.495'.
[  238.621471][  T958] usb 1-1: new high-speed USB device number 22 using dummy_hcd
[  238.811468][  T958] usb 1-1: Using ep0 maxpacket: 8
[  238.825417][  T958] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  238.844415][  T958] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  238.893229][  T958] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  238.939916][  T958] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  239.003035][  T958] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  239.017487][  T958] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  239.242711][  T958] usb 1-1: GET_CAPABILITIES returned 0
[  239.248520][  T958] usbtmc 1-1:16.0: can't read capabilities
[  239.456397][    C0] usbtmc 1-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  239.465540][    C0] usbtmc 1-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  239.474625][    C0] usbtmc 1-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  239.483891][    C0] usbtmc 1-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  239.561529][    C1] usbtmc 1-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  239.570673][    C1] usbtmc 1-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  239.582349][    C1] usbtmc 1-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  239.592674][    C1] usbtmc 1-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  239.601896][    C1] usbtmc 1-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  239.611005][    C1] usbtmc 1-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  239.620109][    C1] usbtmc 1-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  239.629210][    C1] usbtmc 1-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  239.638289][    C1] vkms_vblank_simulate: vblank timer overrun
[  239.755753][    C0] usbtmc 1-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  239.764889][    C0] usbtmc 1-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  239.773987][    C0] usbtmc 1-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  239.783109][    C0] usbtmc 1-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  240.000105][  T958] usb 1-1: USB disconnect, device number 22
[  240.591738][ T7841] syz.3.504 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  240.842526][ T7843] netlink: 596 bytes leftover after parsing attributes in process `syz.0.505'.
[  241.566520][ T5958] usb 5-1: unable to get BOS descriptor or descriptor too short
[  241.611643][ T5958] usb 5-1: unable to read config index 0 descriptor/start: -71
[  241.648974][ T5958] usb 5-1: can't read configurations, error -71
[  241.671589][   T30] kauditd_printk_skb: 9 callbacks suppressed
[  241.671608][   T30] audit: type=1400 audit(1757557345.832:244): apparmor="DENIED" operation="change_profile" class="file" info="label not found" error=-2 profile="unconfined" name=3A273A02 pid=7850 comm="syz.2.509"
[  241.696835][    C1] vkms_vblank_simulate: vblank timer overrun
[  241.848711][ T7858] netlink: 'syz.1.508': attribute type 75 has an invalid length.
[  242.275010][ T7868] netlink: 12 bytes leftover after parsing attributes in process `syz.0.513'.
[  243.044674][ T7882] netlink: 2 bytes leftover after parsing attributes in process `syz.0.516'.
[  243.121403][ T7882] netdevsim netdevsim0 netdevsim0: entered allmulticast mode
[  243.211286][ T5958] usb 4-1: new full-speed USB device number 25 using dummy_hcd
[  243.375904][ T5958] usb 4-1: config 0 has an invalid interface number: 45 but max is 0
[  243.404684][ T5958] usb 4-1: config 0 has no interface number 0
[  243.425529][ T5958] usb 4-1: config 0 interface 45 altsetting 175 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  243.484768][ T5958] usb 4-1: config 0 interface 45 altsetting 175 endpoint 0x81 has invalid wMaxPacketSize 0
[  243.538523][ T5958] usb 4-1: config 0 interface 45 has no altsetting 0
[  243.567905][ T5958] usb 4-1: New USB device found, idVendor=5543, idProduct=3031, bcdDevice= 0.00
[  243.597364][ T5958] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  243.670753][ T5958] usb 4-1: config 0 descriptor??
[  243.920378][ T5958] usbhid 4-1:0.45: can't add hid device: -32
[  243.923877][ T7893] could not allocate digest TFM handle 

[  243.926941][   T24] usb 1-1: new high-speed USB device number 23 using dummy_hcd
[  244.058262][ T5958] usbhid 4-1:0.45: probe with driver usbhid failed with error -32
[  244.150927][ T5958] usb 4-1: USB disconnect, device number 25
[  244.281284][   T24] usb 1-1: Using ep0 maxpacket: 16
[  244.327645][ T7891] netlink: 60 bytes leftover after parsing attributes in process `syz.0.520'.
[  244.336795][ T7891] netlink: 28 bytes leftover after parsing attributes in process `syz.0.520'.
[  244.708635][ T7905] netlink: 596 bytes leftover after parsing attributes in process `syz.2.523'.
[  244.728089][ T7907] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  244.749467][ T7907] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  244.795118][ T7907] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  244.825393][ T7907] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  245.020456][ T7907] netlink: 8 bytes leftover after parsing attributes in process `syz.1.525'.
[  245.123051][   T30] audit: type=1326 audit(1757557349.282:245): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7912 comm="syz.4.526" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2fc6d8eba9 code=0x7ffc0000
[  245.182683][ T7907] team0: entered promiscuous mode
[  245.187775][ T7907] team_slave_0: entered promiscuous mode
[  245.208859][   T30] audit: type=1326 audit(1757557349.302:246): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7912 comm="syz.4.526" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2fc6d8eba9 code=0x7ffc0000
[  245.251651][ T7907] team_slave_1: entered promiscuous mode
[  245.259841][ T7907] 8021q: adding VLAN 0 to HW filter on device macvlan0
[  245.298974][   T30] audit: type=1326 audit(1757557349.312:247): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7912 comm="syz.4.526" exe="/root/syz-executor" sig=0 arch=c000003e syscall=26 compat=0 ip=0x7f2fc6d8eba9 code=0x7ffc0000
[  245.378834][   T30] audit: type=1326 audit(1757557349.312:248): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7912 comm="syz.4.526" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2fc6d8eba9 code=0x7ffc0000
[  245.414787][ T7907] team0: left promiscuous mode
[  245.435011][ T7907] team_slave_0: left promiscuous mode
[  245.461706][   T30] audit: type=1326 audit(1757557349.312:249): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7912 comm="syz.4.526" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2fc6d8eba9 code=0x7ffc0000
[  245.493143][   T30] audit: type=1326 audit(1757557349.312:250): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7912 comm="syz.4.526" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f2fc6d8eba9 code=0x7ffc0000
[  245.495807][ T7907] team_slave_1: left promiscuous mode
[  245.517532][   T30] audit: type=1326 audit(1757557349.312:251): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7912 comm="syz.4.526" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2fc6d8eba9 code=0x7ffc0000
[  245.559090][   T30] audit: type=1326 audit(1757557349.322:252): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7912 comm="syz.4.526" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f2fc6d8eba9 code=0x7ffc0000
[  245.626692][   T30] audit: type=1326 audit(1757557349.322:253): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7912 comm="syz.4.526" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2fc6d8eba9 code=0x7ffc0000
[  245.757160][  T958] usb 5-1: new high-speed USB device number 20 using dummy_hcd
[  245.948999][  T958] usb 5-1: Using ep0 maxpacket: 32
[  245.959858][  T958] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  245.970860][  T958] usb 5-1: config 0 has no interfaces?
[  245.979854][  T958] usb 5-1: New USB device found, idVendor=05a9, idProduct=1550, bcdDevice=e4.bb
[  245.989538][  T958] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  246.013262][  T958] usb 5-1: Product: syz
[  246.031436][   T10] usb 4-1: new high-speed USB device number 26 using dummy_hcd
[  246.041554][ T5864] usb 3-1: new high-speed USB device number 24 using dummy_hcd
[  246.044046][  T958] usb 5-1: Manufacturer: syz
[  246.118688][  T958] usb 5-1: SerialNumber: syz
[  246.200682][   T10] usb 4-1: unable to get BOS descriptor or descriptor too short
[  246.208940][  T958] usb 5-1: config 0 descriptor??
[  246.232077][   T10] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  246.254096][ T5864] usb 3-1: New USB device found, idVendor=0421, idProduct=0007, bcdDevice=b8.51
[  246.278432][ T5864] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  246.296185][   T10] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[  246.299445][ T5864] usb 3-1: Product: syz
[  246.323908][ T5864] usb 3-1: Manufacturer: syz
[  246.343547][   T10] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  246.357633][   T10] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  246.373461][   T10] usb 4-1: Product: syz
[  246.379508][   T10] usb 4-1: Manufacturer: syz
[  246.387853][   T10] usb 4-1: SerialNumber: syz
[  246.399593][ T5864] usb 3-1: SerialNumber: syz
[  246.480098][ T5864] usb 3-1: config 0 descriptor??
[  246.501605][ T5864] rndis_host 3-1:0.0: More than one union descriptor, skipping ...
[  246.506555][ T7915] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  246.520805][ T5864] usb 3-1: bad CDC descriptors
[  246.580585][ T5864] cdc_acm 3-1:0.0: More than one union descriptor, skipping ...
[  246.597600][ T7915] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  246.709136][ T7921] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  246.718077][ T7921] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  246.753905][  T958] usb 5-1: USB disconnect, device number 20
[  246.817897][ T7920] netlink: 'syz.3.528': attribute type 12 has an invalid length.
[  246.868407][ T7920] netlink: 132 bytes leftover after parsing attributes in process `syz.3.528'.
[  246.971738][ T5864] usb 3-1: USB disconnect, device number 24
[  247.235972][   T24] usb 1-1: unable to get BOS descriptor or descriptor too short
[  247.292772][   T24] usb 1-1: unable to read config index 0 descriptor/start: -71
[  247.314469][   T24] usb 1-1: can't read configurations, error -71
[  247.564285][ T7939] netlink: 'syz.0.532': attribute type 75 has an invalid length.
[  248.488307][   T10] usb 4-1: 0:2 : does not exist
[  248.511084][   T10] usb 4-1: USB disconnect, device number 26
[  248.625318][ T5985] udevd[5985]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  249.641270][ T5864] usb 5-1: new high-speed USB device number 21 using dummy_hcd
[  249.891358][ T5864] usb 5-1: Using ep0 maxpacket: 16
[  249.953447][ T7970] netlink: 60 bytes leftover after parsing attributes in process `syz.4.542'.
[  249.963067][ T7970] netlink: 28 bytes leftover after parsing attributes in process `syz.4.542'.
[  250.178113][ T7965] netlink: 'syz.3.540': attribute type 13 has an invalid length.
[  251.084550][ T7965] 8021q: adding VLAN 0 to HW filter on device bond0
[  251.120372][ T7965] 8021q: adding VLAN 0 to HW filter on device team0
[  251.162199][ T2155] usb 1-1: new full-speed USB device number 25 using dummy_hcd
[  251.193003][ T7965] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  251.527486][ T2155] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  251.542585][ T2155] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10
[  251.585960][ T2155] usb 1-1: config 0 interface 0 altsetting 0 has a duplicate endpoint with address 0x2, skipping
[  251.812110][ T2155] usb 1-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 5
[  252.075557][ T2155] usb 1-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  252.094298][ T2155] usb 1-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  252.125844][ T2155] usb 1-1: Manufacturer: syz
[  252.396111][ T2155] usb 1-1: config 0 descriptor??
[  252.667820][ T5864] usb 5-1: unable to get BOS descriptor or descriptor too short
[  252.677447][ T5864] usb 5-1: unable to read config index 0 descriptor/start: -71
[  252.800944][ T5864] usb 5-1: can't read configurations, error -71
[  252.872475][ T8007] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  252.919914][ T8007] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  253.027472][ T8007] binder: 8004:8007 ioctl c018620c 200000000380 returned -1
[  253.250182][ T8007] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  253.288876][ T8007] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  253.317953][ T8007] netlink: 12 bytes leftover after parsing attributes in process `syz.1.550'.
[  254.038324][ T8036] netlink: 'syz.4.554': attribute type 75 has an invalid length.
[  255.234826][  T958] usb 4-1: new high-speed USB device number 27 using dummy_hcd
[  255.411293][  T958] usb 4-1: Using ep0 maxpacket: 16
[  255.472313][ T8053] netlink: 60 bytes leftover after parsing attributes in process `syz.3.559'.
[  255.481647][ T8053] netlink: 28 bytes leftover after parsing attributes in process `syz.3.559'.
[  255.634500][    T9] usb 1-1: USB disconnect, device number 25
[  255.915856][ T8059] kAFS: unparsable volume name
[  255.967789][ T1304] ieee802154 phy0 wpan0: encryption failed: -22
[  255.977606][ T1304] ieee802154 phy1 wpan1: encryption failed: -22
[  256.026100][ T8063] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  258.170203][ T8104] sctp: [Deprecated]: syz.4.563 (pid 8104) Use of struct sctp_assoc_value in delayed_ack socket option.
[  258.170203][ T8104] Use struct sctp_sack_info instead
[  258.705766][  T958] usb 4-1: unable to get BOS descriptor or descriptor too short
[  258.737389][  T958] usb 4-1: unable to read config index 0 descriptor/start: -71
[  258.759517][ T8084] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  258.793296][  T958] usb 4-1: can't read configurations, error -71
[  262.142330][ T8144] tipc: Started in network mode
[  262.259822][ T8144] tipc: Node identity 8ec60443b9ea, cluster identity 4711
[  262.294975][ T8144] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  262.322721][ T8150] syzkaller0: entered promiscuous mode
[  262.328248][ T8150] syzkaller0: entered allmulticast mode
[  262.364207][ T8142] tipc: Resetting bearer <eth:syzkaller0>
[  262.650946][ T8142] tipc: Disabling bearer <eth:syzkaller0>
[  263.056057][  T958] usb 3-1: new high-speed USB device number 25 using dummy_hcd
[  263.885305][  T958] usb 3-1: New USB device found, idVendor=20b7, idProduct=1540, bcdDevice=b7.5a
[  263.894724][  T958] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  264.001213][    T9] usb 4-1: new high-speed USB device number 29 using dummy_hcd
[  264.082000][  T958] usb 3-1: Product: syz
[  264.196307][  T958] usb 3-1: Manufacturer: syz
[  264.210275][  T958] usb 3-1: SerialNumber: syz
[  264.227832][  T958] usb 3-1: config 0 descriptor??
[  264.403240][    T9] usb 4-1: Using ep0 maxpacket: 16
[  264.452680][ T8176] netlink: 60 bytes leftover after parsing attributes in process `syz.3.575'.
[  264.461915][ T8176] netlink: 28 bytes leftover after parsing attributes in process `syz.3.575'.
[  264.719972][ T8158] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  264.730890][ T8158] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  264.761311][  T958] usb 3-1: Firmware: major: 0, minor: 0, hardware type: ATUSB (2)
[  264.769421][  T958] usb 3-1: Firmware version (0.0) predates our first public release.
[  264.852931][  T958] usb 3-1: Please update to version 0.2 or newer
[  265.464499][  T958] usb 3-1: USB disconnect, device number 25
[  266.670522][ T8220] fuse: Unknown parameter '000000000000000000000040x0000000000000004'
[  266.987423][ T8226] netlink: 316 bytes leftover after parsing attributes in process `syz.4.583'.
[  267.521568][    T9] usb 4-1: unable to get BOS descriptor or descriptor too short
[  267.566967][    T9] usb 4-1: unable to read config index 0 descriptor/start: -71
[  267.594939][    T9] usb 4-1: can't read configurations, error -71
[  267.653666][   T30] audit: type=1326 audit(1757557371.802:254): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8228 comm="syz.0.585" exe="/root/syz-executor" sig=31 arch=c000003e syscall=317 compat=0 ip=0x7fde1f18eba9 code=0x0
[  268.351397][  T958] usb 1-1: new high-speed USB device number 26 using dummy_hcd
[  268.592566][  T958] usb 1-1: Using ep0 maxpacket: 32
[  268.649245][  T958] usb 1-1: config index 0 descriptor too short (expected 35577, got 27)
[  268.689481][  T958] usb 1-1: config 1 has too many interfaces: 92, using maximum allowed: 32
[  268.711250][  T958] usb 1-1: config 1 has an invalid interface number: 245 but max is 91
[  268.720423][  T958] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  268.789274][  T958] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 92
[  268.801530][  T958] usb 1-1: config 1 has no interface number 0
[  268.807786][  T958] usb 1-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d5.e8
[  268.827430][  T958] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  268.871439][    T9] usb 5-1: new high-speed USB device number 23 using dummy_hcd
[  269.138670][    T9] usb 5-1: Using ep0 maxpacket: 32
[  269.180601][    T9] usb 5-1: New USB device found, idVendor=05ac, idProduct=023f, bcdDevice=e0.d8
[  269.193083][    T9] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  269.247411][    T9] input: bcm5974 as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:16.0/input/input17
[  269.281310][  T958] usb 4-1: new high-speed USB device number 31 using dummy_hcd
[  269.526517][ T8259] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  269.570609][  T958] usb 4-1: config 0 has no interfaces?
[  269.615123][  T958] usb 4-1: New USB device found, idVendor=18b4, idProduct=fffb, bcdDevice=dc.7b
[  269.643319][  T958] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  269.649321][ T8259] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  269.661020][  T958] usb 4-1: Product: syz
[  269.757066][  T958] usb 4-1: Manufacturer: syz
[  269.766618][  T958] usb 4-1: SerialNumber: syz
[  269.784885][  T958] usb 4-1: config 0 descriptor??
[  269.842974][ T5220] bcm5974 5-1:16.0: could not read from device
[  269.869855][    T9] usb 5-1: USB disconnect, device number 23
[  270.097545][ T8281] netlink: 32 bytes leftover after parsing attributes in process `syz.0.588'.
[  270.911978][ T5864] usb 3-1: new full-speed USB device number 26 using dummy_hcd
[  270.973025][ T8293] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  270.983399][ T8293] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  271.028331][ T8293] netlink: 60 bytes leftover after parsing attributes in process `syz.1.597'.
[  271.037582][ T8293] netlink: 28 bytes leftover after parsing attributes in process `syz.1.597'.
[  271.124683][ T5864] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  271.147095][ T5864] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10
[  271.229482][ T5864] usb 3-1: config 0 interface 0 altsetting 0 has a duplicate endpoint with address 0x2, skipping
[  271.412009][ T8297] netlink: 132 bytes leftover after parsing attributes in process `syz.4.598'.
[  271.429088][ T5958] usb 1-1: USB disconnect, device number 26
[  271.457755][ T5864] usb 3-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 5
[  271.520258][ T5864] usb 3-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  271.560906][ T5864] usb 3-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  271.581907][ T5864] usb 3-1: Manufacturer: syz
[  271.603482][ T5864] usb 3-1: config 0 descriptor??
[  271.853749][  T958] usb 4-1: USB disconnect, device number 31
[  271.892663][ T5960] usb 3-1: USB disconnect, device number 26
[  272.362360][ T8304] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  272.369300][ T8304] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  272.376807][ T8304] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  272.383724][ T8304] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  272.392007][ T8304] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  274.209681][ T8309] delete_channel: no stack
[  274.461592][   T51] Bluetooth: hci4: command 0x0c1a tx timeout
[  274.467675][   T51] Bluetooth: hci3: command 0x0c1a tx timeout
[  274.474234][ T5870] Bluetooth: hci2: command 0x0c1a tx timeout
[  274.474358][ T5879] Bluetooth: hci1: command 0x0c1a tx timeout
[  274.480284][ T5870] Bluetooth: hci0: command 0x0c1a tx timeout
[  274.863880][   T24] usb 4-1: new high-speed USB device number 32 using dummy_hcd
[  275.008993][   T24] usb 4-1: device descriptor read/64, error -71
[  275.041486][    T9] usb 5-1: new high-speed USB device number 24 using dummy_hcd
[  275.181272][    T9] usb 5-1: device descriptor read/64, error -71
[  275.251802][   T24] usb 4-1: new high-speed USB device number 33 using dummy_hcd
[  275.366751][ T8351] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  275.394376][ T8351] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  275.402788][   T24] usb 4-1: device descriptor read/64, error -71
[  275.438779][ T8351] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(5)
[  275.445584][ T8351] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  275.455527][    T9] usb 5-1: new high-speed USB device number 25 using dummy_hcd
[  275.457971][ T8351] vhci_hcd vhci_hcd.0: Device attached
[  275.473311][ T8354] vhci_hcd: connection closed
[  275.474923][ T1150] vhci_hcd: stop threads
[  275.485043][ T1150] vhci_hcd: release socket
[  275.489496][ T1150] vhci_hcd: disconnect device
[  275.531833][   T24] usb usb4-port1: attempt power cycle
[  275.611594][    T9] usb 5-1: device descriptor read/64, error -71
[  275.720102][ T8363] sg_write: data in/out 13915/14 bytes for SCSI command 0x0-- guessing data in;
[  275.720102][ T8363]    program syz.2.615 not setting count and/or reply_len properly
[  275.741759][    T9] usb usb5-port1: attempt power cycle
[  275.760733][ T8363] netlink: 'syz.2.615': attribute type 3 has an invalid length.
[  275.872711][   T24] usb 4-1: new high-speed USB device number 34 using dummy_hcd
[  275.907511][   T24] usb 4-1: device descriptor read/8, error -71
[  276.071286][ T2155] usb 3-1: new high-speed USB device number 27 using dummy_hcd
[  276.111529][    T9] usb 5-1: new high-speed USB device number 26 using dummy_hcd
[  276.145910][    T9] usb 5-1: device descriptor read/8, error -71
[  276.148584][ T8368] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  276.163323][   T24] usb 4-1: new high-speed USB device number 35 using dummy_hcd
[  276.176249][ T8368] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  276.194269][   T24] usb 4-1: device descriptor read/8, error -71
[  276.226876][ T8368] netlink: 60 bytes leftover after parsing attributes in process `syz.1.616'.
[  276.236061][ T8368] netlink: 28 bytes leftover after parsing attributes in process `syz.1.616'.
[  276.261409][ T2155] usb 3-1: Using ep0 maxpacket: 8
[  276.270416][ T2155] usb 3-1: config 0 has an invalid interface number: 151 but max is 1
[  276.279190][ T2155] usb 3-1: config 0 has no interface number 1
[  276.286307][ T2155] usb 3-1: config 0 interface 151 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  276.297443][ T2155] usb 3-1: config 0 interface 151 altsetting 0 has an endpoint descriptor with address 0xA3, changing to 0x83
[  276.312589][ T2155] usb 3-1: config 0 interface 151 altsetting 0 endpoint 0x83 has invalid maxpacket 64466, setting to 1024
[  276.324152][ T2155] usb 3-1: config 0 interface 151 altsetting 0 bulk endpoint 0x83 has invalid maxpacket 1024
[  276.334774][ T2155] usb 3-1: config 0 interface 151 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1
[  276.348123][ T2155] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xC9, changing to 0x89
[  276.361052][   T24] usb usb4-port1: unable to enumerate USB device
[  276.370719][ T2155] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x89 has an invalid bInterval 0, changing to 7
[  276.384967][ T2155] usb 3-1: New USB device found, idVendor=0499, idProduct=500a, bcdDevice=e7.b7
[  276.394755][ T2155] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  276.402861][ T2155] usb 3-1: Product: syz
[  276.410220][ T2155] usb 3-1: Manufacturer: syz
[  276.416475][ T2155] usb 3-1: SerialNumber: syz
[  276.421546][    T9] usb 5-1: new high-speed USB device number 27 using dummy_hcd
[  276.440943][ T2155] usb 3-1: config 0 descriptor??
[  276.446769][ T8364] raw-gadget.3 gadget.2: fail, usb_ep_enable returned -22
[  276.456755][    T9] usb 5-1: device descriptor read/8, error -71
[  276.469189][ T2155] usb 3-1: Quirk or no altset; falling back to MIDI 1.0
[  276.494114][ T2155] usb 3-1: Quirk or no altset; falling back to MIDI 1.0
[  276.581926][    T9] usb usb5-port1: unable to enumerate USB device
[  277.976982][ T8376] tipc: Failed to remove unknown binding: 66,1,1/0:605116578/605116580
[  277.999795][ T8376] tipc: Failed to remove unknown binding: 66,1,1/0:605116578/605116580
[  278.010856][ T8376] tipc: Failed to remove unknown binding: 66,1,1/0:605116578/605116580
[  278.081959][ T8380] netlink: 24 bytes leftover after parsing attributes in process `syz.3.619'.
[  278.119564][ T8380] netlink: 40 bytes leftover after parsing attributes in process `syz.3.619'.
[  278.691579][ T5960] usb 3-1: USB disconnect, device number 27
[  279.474199][ T8394] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  279.511424][ T8394] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  280.431344][ T5960] usb 4-1: new high-speed USB device number 36 using dummy_hcd
[  280.568023][ T8405] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  280.591455][ T5960] usb 4-1: Using ep0 maxpacket: 16
[  280.604362][ T5960] usb 4-1: unable to get BOS descriptor or descriptor too short
[  280.634732][ T5960] usb 4-1: config 2 has an invalid interface number: 9 but max is 0
[  280.649433][ T8405] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  280.658588][ T5960] usb 4-1: config 2 has no interface number 0
[  280.671214][ T5960] usb 4-1: config 2 interface 9 altsetting 10 bulk endpoint 0xC has invalid maxpacket 32
[  280.681079][ T5960] usb 4-1: config 2 interface 9 altsetting 10 endpoint 0xA has invalid maxpacket 1024, setting to 64
[  280.722123][ T5960] usb 4-1: config 2 interface 9 has no altsetting 0
[  280.738712][ T5960] usb 4-1: New USB device found, idVendor=054c, idProduct=02e1, bcdDevice=6f.97
[  280.749265][ T5960] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  280.768957][ T5960] usb 4-1: Product: syz
[  280.773684][ T5960] usb 4-1: Manufacturer: syz
[  280.778378][ T5960] usb 4-1: SerialNumber: syz
[  280.808368][ T8403] raw-gadget.2 gadget.3: fail, usb_ep_enable returned -22
[  280.899835][ T8415] netlink: 'syz.2.629': attribute type 1 has an invalid length.
[  281.013010][  T958] usb 5-1: new high-speed USB device number 28 using dummy_hcd
[  281.219966][ T5960] pn533_usb 4-1:2.9: NFC: Could not find bulk-in or bulk-out endpoint
[  281.250116][ T5960] usb 4-1: USB disconnect, device number 36
[  281.281550][  T958] usb 5-1: device descriptor read/64, error -71
[  281.621266][  T958] usb 5-1: new high-speed USB device number 29 using dummy_hcd
[  281.771237][  T958] usb 5-1: device descriptor read/64, error -71
[  281.884237][  T958] usb usb5-port1: attempt power cycle
[  282.114659][ T8431] netlink: 364 bytes leftover after parsing attributes in process `syz.2.632'.
[  282.251570][  T958] usb 5-1: new high-speed USB device number 30 using dummy_hcd
[  282.552082][  T958] usb 5-1: device descriptor read/8, error -71
[  282.623435][   T24] usb 1-1: new high-speed USB device number 27 using dummy_hcd
[  282.806841][   T24] usb 1-1: device descriptor read/64, error -71
[  282.824234][  T958] usb 5-1: new high-speed USB device number 31 using dummy_hcd
[  282.867890][  T958] usb 5-1: device descriptor read/8, error -71
[  283.058947][  T958] usb usb5-port1: unable to enumerate USB device
[  283.112251][   T24] usb 1-1: new high-speed USB device number 28 using dummy_hcd
[  283.251357][   T24] usb 1-1: device descriptor read/64, error -71
[  283.311868][ T5960] usb 4-1: new high-speed USB device number 37 using dummy_hcd
[  283.423070][   T24] usb usb1-port1: attempt power cycle
[  283.501704][ T5960] usb 4-1: Using ep0 maxpacket: 16
[  283.803308][   T24] usb 1-1: new high-speed USB device number 29 using dummy_hcd
[  283.916677][ T8442] netlink: 60 bytes leftover after parsing attributes in process `syz.3.635'.
[  284.002396][ T8442] netlink: 28 bytes leftover after parsing attributes in process `syz.3.635'.
[  284.026175][ T8454] loop6: detected capacity change from 0 to 63
[  284.073312][ T5985] Buffer I/O error on dev loop6, logical block 0, async page read
[  284.098000][   T24] usb 1-1: device descriptor read/8, error -71
[  284.332356][ T5985] Buffer I/O error on dev loop6, logical block 0, async page read
[  284.363055][ T5985] Buffer I/O error on dev loop6, logical block 0, async page read
[  284.372656][ T5985] Buffer I/O error on dev loop6, logical block 0, async page read
[  284.381940][ T5985] Buffer I/O error on dev loop6, logical block 0, async page read
[  286.162382][ T8477] netlink: 44 bytes leftover after parsing attributes in process `syz.2.646'.
[  286.407290][ T8482] trusted_key: encrypted_key: master key parameter 'sbiWlC•þÒ 0b¾BaÞ±»T“gw•HêèX}\÷h¼ü�úpïØzcšæ+ì›t aãšÅöèŽÍG˜qv¿bÊ@ªN%¤í%§ay³Ô' is invalid
[  286.496470][    T9] usb 3-1: new high-speed USB device number 28 using dummy_hcd
[  286.545914][ T8486] fuse: Bad value for 'group_id'
[  286.576471][ T8486] fuse: Bad value for 'group_id'
[  286.694724][    T9] usb 3-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  286.723937][    T9] usb 3-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  286.786622][    T9] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 66
[  286.861283][    T9] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9
[  286.888274][    T9] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024
[  287.004858][    T9] usb 3-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  287.039249][    T9] usb 3-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  287.191394][    T9] usb 3-1: Product: syz
[  287.195645][    T9] usb 3-1: Manufacturer: syz
[  287.283716][ T5960] usb 4-1: unable to get BOS descriptor or descriptor too short
[  287.319790][    T9] cdc_wdm 3-1:1.0: skipping garbage
[  287.327257][ T5960] usb 4-1: unable to read config index 0 descriptor/start: -71
[  287.341357][    T9] cdc_wdm 3-1:1.0: skipping garbage
[  287.354954][ T5960] usb 4-1: can't read configurations, error -71
[  287.369814][    T9] cdc_wdm 3-1:1.0: cdc-wdm0: USB WDM device
[  287.391037][    T9] cdc_wdm 3-1:1.0: Unknown control protocol
[  287.833328][   T30] audit: type=1326 audit(1757557391.962:255): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8499 comm="syz.3.653" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fb0cd98eba9 code=0x0
[  287.993068][ T8508] netlink: 96 bytes leftover after parsing attributes in process `syz.3.653'.
[  288.169648][ T8508] netlink: 60 bytes leftover after parsing attributes in process `syz.3.653'.
[  289.144192][   T10] usb 3-1: USB disconnect, device number 28
[  289.455854][ T5960] usb 1-1: new full-speed USB device number 31 using dummy_hcd
[  289.667448][ T5960] usb 1-1: config 0 has an invalid interface number: 1 but max is 0
[  289.675791][ T5960] usb 1-1: config 0 has no interface number 0
[  289.712547][ T5960] usb 1-1: New USB device found, idVendor=0b48, idProduct=1003, bcdDevice=7b.54
[  289.731679][ T5960] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  289.760169][ T5960] usb 1-1: Product: syz
[  289.768185][ T5960] usb 1-1: Manufacturer: syz
[  289.794828][ T5960] usb 1-1: SerialNumber: syz
[  289.824355][ T5960] usb 1-1: config 0 descriptor??
[  289.845021][ T5960] usb 1-1: selecting invalid altsetting 1
[  289.872566][ T5960] dvb_ttusb_budget: ttusb_init_controller: error
[  290.431247][ T5960] dvbdev: DVB: registering new adapter (Technotrend/Hauppauge Nova-USB)
[  290.700459][ T8541] fuse: Bad value for 'group_id'
[  290.763031][ T8541] fuse: Bad value for 'group_id'
[  290.945036][ T5960] DVB: Unable to find symbol stv0299_attach()
[  291.217323][ T5960] DVB: Unable to find symbol tda8083_attach()
[  291.241492][ T5960] dvb_ttusb_budget: no frontend driver found for device [0b48:1003]
[  291.260329][ T8554] macsec1: entered promiscuous mode
[  291.312202][ T5960] usb 1-1: USB disconnect, device number 31
[  291.332609][ T8554] bond0: entered promiscuous mode
[  291.390636][ T8554] bond_slave_0: entered promiscuous mode
[  291.469462][ T8554] bond_slave_1: entered promiscuous mode
[  291.484096][ T8554] macsec1: entered allmulticast mode
[  291.678353][ T8554] bond0: entered allmulticast mode
[  291.685582][ T8568] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  291.697017][ T8568] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  291.714928][ T8554] bond_slave_0: entered allmulticast mode
[  291.791390][ T8554] bond_slave_1: entered allmulticast mode
[  292.042455][ T8554] bond0: left allmulticast mode
[  292.109107][ T8554] bond_slave_0: left allmulticast mode
[  292.136818][ T8554] bond_slave_1: left allmulticast mode
[  292.151672][ T8554] bond0: left promiscuous mode
[  292.278453][ T8554] bond_slave_0: left promiscuous mode
[  292.414135][ T8554] bond_slave_1: left promiscuous mode
[  292.833185][ T8573] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  292.842494][ T8573] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  293.158236][ T8575] sch_tbf: burst 19920 is lower than device lo mtu (65550) !
[  293.581510][   T10] usb 4-1: new high-speed USB device number 39 using dummy_hcd
[  293.621448][   T30] audit: type=1326 audit(1757557397.752:256): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8585 comm="syz.4.673" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2fc6d8eba9 code=0x7ffc0000
[  293.668051][   T30] audit: type=1326 audit(1757557397.752:257): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8585 comm="syz.4.673" exe="/root/syz-executor" sig=0 arch=c000003e syscall=314 compat=0 ip=0x7f2fc6d8eba9 code=0x7ffc0000
[  293.759914][   T30] audit: type=1326 audit(1757557397.752:258): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8585 comm="syz.4.673" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2fc6d8eba9 code=0x7ffc0000
[  293.812955][   T30] audit: type=1326 audit(1757557397.752:259): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8585 comm="syz.4.673" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2fc6d8eba9 code=0x7ffc0000
[  293.872670][   T30] audit: type=1326 audit(1757557397.752:260): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8585 comm="syz.4.673" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f2fc6d8d510 code=0x7ffc0000
[  293.904130][   T10] usb 4-1: config 0 has no interfaces?
[  293.917927][   T30] audit: type=1326 audit(1757557397.752:261): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8585 comm="syz.4.673" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2fc6d8eba9 code=0x7ffc0000
[  293.961238][   T10] usb 4-1: New USB device found, idVendor=18b4, idProduct=fffb, bcdDevice=dc.7b
[  293.990146][   T10] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  294.002982][   T30] audit: type=1326 audit(1757557397.752:262): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8585 comm="syz.4.673" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2fc6d8eba9 code=0x7ffc0000
[  294.026105][   T10] usb 4-1: Product: syz
[  294.032074][   T10] usb 4-1: Manufacturer: syz
[  294.042458][   T10] usb 4-1: SerialNumber: syz
[  294.053727][ T8592] fuse: Bad value for 'group_id'
[  294.058936][ T8592] fuse: Bad value for 'group_id'
[  294.070303][   T30] audit: type=1326 audit(1757557397.752:263): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8585 comm="syz.4.673" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f2fc6d8d510 code=0x7ffc0000
[  294.110138][ T5960] usb 1-1: new high-speed USB device number 32 using dummy_hcd
[  294.134267][   T10] usb 4-1: config 0 descriptor??
[  294.164719][   T30] audit: type=1326 audit(1757557397.752:264): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8585 comm="syz.4.673" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2fc6d8eba9 code=0x7ffc0000
[  294.241105][   T30] audit: type=1326 audit(1757557397.752:265): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8585 comm="syz.4.673" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2fc6d8eba9 code=0x7ffc0000
[  294.283640][ T5960] usb 1-1: config 6 has an invalid interface number: 139 but max is 0
[  294.292066][ T5960] usb 1-1: config 6 has no interface number 0
[  294.307567][ T5960] usb 1-1: config 6 interface 139 altsetting 9 endpoint 0xC has an invalid bInterval 0, changing to 7
[  294.330679][ T5960] usb 1-1: config 6 interface 139 has no altsetting 0
[  294.345524][ T5960] usb 1-1: New USB device found, idVendor=0471, idProduct=2126, bcdDevice=79.ff
[  294.355604][ T5960] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  294.363775][ T5960] usb 1-1: Product: syz
[  294.374972][ T5960] usb 1-1: Manufacturer: syz
[  294.392480][ T5960] usb 1-1: SerialNumber: syz
[  294.515784][ T8579] veth0_macvtap: left promiscuous mode
[  294.530113][ T5864] usb 4-1: USB disconnect, device number 39
[  294.907729][ T5960] usb 1-1: USB disconnect, device number 32
[  295.636427][ T8607] netlink: 12 bytes leftover after parsing attributes in process `syz.0.679'.
[  296.021228][  T958] usb 1-1: new high-speed USB device number 33 using dummy_hcd
[  296.201381][  T958] usb 1-1: Using ep0 maxpacket: 32
[  296.522514][ T8618] netlink: 272 bytes leftover after parsing attributes in process `syz.2.682'.
[  296.535128][  T958] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  296.622401][  T958] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 2
[  296.674688][  T958] usb 1-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  296.730366][  T958] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  296.836962][  T958] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  296.847251][ T8623] netlink: 36 bytes leftover after parsing attributes in process `syz.2.683'.
[  296.891839][  T958] usb 1-1: Product: syz
[  296.896456][  T958] usb 1-1: Manufacturer: syz
[  296.901231][  T958] usb 1-1: SerialNumber: syz
[  296.921515][ T8623] netlink: 36 bytes leftover after parsing attributes in process `syz.2.683'.
[  296.972071][  T958] cdc_ncm 1-1:1.0: skipping garbage
[  297.082743][  T958] cdc_ncm 1-1:1.0: CDC Union missing and no IAD found
[  297.090480][  T958] cdc_ncm 1-1:1.0: bind() failure
[  297.178133][ T8610] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  297.211509][ T8610] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  297.226337][ T8630] netlink: 104 bytes leftover after parsing attributes in process `syz.1.684'.
[  297.258141][  T958] usb 1-1: USB disconnect, device number 33
[  297.335804][ T8627] netlink: 'syz.1.684': attribute type 10 has an invalid length.
[  297.345087][ T8627] team0: Device veth1_vlan failed to register rx_handler
[  298.993862][ T8648] IPv6: NLM_F_CREATE should be specified when creating new route
[  299.087510][ T8648] netlink: 20 bytes leftover after parsing attributes in process `syz.4.690'.
[  299.298257][ T8655] fuse: Unknown parameter 'no€'
[  299.751484][ T2155] usb 5-1: new high-speed USB device number 32 using dummy_hcd
[  299.963252][ T2155] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  300.014175][ T2155] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  300.080289][ T2155] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  300.135592][ T2155] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  300.175152][ T2155] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  300.203566][ T2155] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  300.231989][ T2155] usb 5-1: config 0 descriptor??
[  300.843979][ T2155] plantronics 0003:047F:FFFF.0007: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0
[  301.886879][ T8691] IPVS: set_ctl: invalid protocol: 2 172.30.0.4:20003
[  302.062320][ T2155] usb 5-1: reset high-speed USB device number 32 using dummy_hcd
[  302.198335][ T8695] netlink: 8 bytes leftover after parsing attributes in process `syz.3.702'.
[  302.223062][ T2155] usb 5-1: device descriptor read/64, error -32
[  302.541222][ T2155] usb 5-1: reset high-speed USB device number 32 using dummy_hcd
[  302.577793][ T8703] bridge1: trying to set multicast query interval above maximum, setting to 8640000 (86400000ms)
[  302.791559][ T2155] usb 5-1: device descriptor read/64, error -32
[  303.166528][ T2155] usb 5-1: reset high-speed USB device number 32 using dummy_hcd
[  303.382278][ T2155] usb 5-1: device not accepting address 32, error -71
[  303.810066][ T8724] tipc: Can't bind to reserved service type 2
[  304.222708][ T5864] usb 5-1: USB disconnect, device number 32
[  304.701422][ T8702] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  304.701692][ T5870] Bluetooth: hci0: command 0x0c1a tx timeout
[  305.502450][ T8702] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  305.509704][ T8702] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  305.516480][ T8702] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  305.523653][ T8702] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  305.802064][ T5960] usb 4-1: new high-speed USB device number 40 using dummy_hcd
[  305.941703][ T2155] usb 3-1: new high-speed USB device number 29 using dummy_hcd
[  305.974300][ T5960] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  305.986827][ T5960] usb 4-1: New USB device found, idVendor=046d, idProduct=c71f, bcdDevice= 0.00
[  305.997224][ T5960] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  306.015312][ T5960] usb 4-1: config 0 descriptor??
[  306.111507][ T2155] usb 3-1: Using ep0 maxpacket: 8
[  306.120778][ T2155] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  306.131418][ T2155] usb 3-1: config 0 has 0 interfaces, different from the descriptor's value: 17
[  306.144584][ T2155] usb 3-1: New USB device found, idVendor=04a5, idProduct=3003, bcdDevice=c8.07
[  306.153970][ T2155] usb 3-1: New USB device strings: Mfr=209, Product=185, SerialNumber=60
[  306.162546][ T2155] usb 3-1: Product: syz
[  306.166896][ T2155] usb 3-1: Manufacturer: syz
[  306.172077][ T2155] usb 3-1: SerialNumber: syz
[  306.174947][ T2155] usb 3-1: config 0 descriptor??
[  306.201795][ T5864] usb 5-1: new high-speed USB device number 33 using dummy_hcd
[  306.356520][ T5864] usb 5-1: New USB device found, idVendor=1a86, idProduct=7522, bcdDevice=35.36
[  306.367362][ T5864] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  306.375455][ T5864] usb 5-1: Product: syz
[  306.380020][ T5864] usb 5-1: Manufacturer: syz
[  306.386356][ T5864] usb 5-1: SerialNumber: syz
[  306.399956][ T5864] usb 5-1: config 0 descriptor??
[  306.415108][ T5864] ch341 5-1:0.0: ch341-uart converter detected
[  306.429313][ T8731] netlink: 8 bytes leftover after parsing attributes in process `syz.3.712'.
[  306.781425][ T5870] Bluetooth: hci1: command 0x0c1a tx timeout
[  307.008035][ T2155] usb 3-1: USB disconnect, device number 29
[  307.162040][ T8760] sit1: entered allmulticast mode
[  307.630145][ T5870] Bluetooth: hci3: command 0x0c1a tx timeout
[  307.632376][   T51] Bluetooth: hci4: command 0x0c1a tx timeout
[  307.644973][ T5185] Bluetooth: hci2: command 0x0c1a tx timeout
[  307.675362][ T5960] usbhid 4-1:0.0: can't add hid device: -71
[  307.725208][ T5864] ch341-uart ttyUSB0: failed to read break control: -71
[  307.740275][ T5864] ch341-uart ttyUSB0: probe with driver ch341-uart failed with error -71
[  307.786097][ T5864] usb 5-1: USB disconnect, device number 33
[  307.846454][ T2155] usb 3-1: new high-speed USB device number 30 using dummy_hcd
[  307.851365][ T5960] usbhid 4-1:0.0: probe with driver usbhid failed with error -71
[  307.918903][ T8765] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  307.974081][ T5864] ch341 5-1:0.0: device disconnected
[  308.146640][ T5960] usb 4-1: USB disconnect, device number 40
[  308.152739][ T2155] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  308.152774][ T2155] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  308.152796][ T2155] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  308.231315][ T8765] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  308.282711][ T2155] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  308.297687][ T2155] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  308.422870][ T2155] usb 3-1: config 0 descriptor??
[  308.913639][ T2155] plantronics 0003:047F:FFFF.0008: reserved main item tag 0xe
[  308.925062][ T2155] plantronics 0003:047F:FFFF.0008: item fetching failed at offset 14/15
[  308.940082][ T2155] plantronics 0003:047F:FFFF.0008: parse failed
[  308.960024][ T2155] plantronics 0003:047F:FFFF.0008: probe with driver plantronics failed with error -22
[  309.092615][ T8769] netlink: 16 bytes leftover after parsing attributes in process `syz.2.725'.
[  309.103289][ T2155] usb 3-1: USB disconnect, device number 30
[  309.762808][ T8790] ucma_write: process 506 (syz.4.733) changed security contexts after opening file descriptor, this is not allowed.
[  310.403010][ T8804] netlink: 596 bytes leftover after parsing attributes in process `syz.0.737'.
[  310.923132][ T8812] input: syz1 as /devices/virtual/input/input19
[  313.296535][ T8843] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  313.351075][ T8843] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  313.382563][ T8849] netlink: 596 bytes leftover after parsing attributes in process `syz.0.750'.
[  313.601331][ T2155] usb 4-1: new high-speed USB device number 41 using dummy_hcd
[  313.780597][ T2155] usb 4-1: Using ep0 maxpacket: 8
[  313.795542][ T2155] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  313.816904][ T2155] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  313.840678][ T2155] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  313.860957][ T2155] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  313.910076][ T2155] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  313.945951][ T2155] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  314.199308][ T2155] usb 4-1: GET_CAPABILITIES returned 0
[  314.211973][ T2155] usbtmc 4-1:16.0: can't read capabilities
[  314.419652][    C0] usbtmc 4-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  314.428760][    C0] usbtmc 4-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  314.437831][    C0] usbtmc 4-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  314.446899][    C0] usbtmc 4-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  314.455950][    C0] usbtmc 4-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  314.464993][    C0] usbtmc 4-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  314.672912][ T8867] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  314.704155][ T8867] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  314.862571][    C1] usbtmc 4-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  314.871724][    C1] usbtmc 4-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  314.880803][    C1] usbtmc 4-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  314.892317][    C1] usbtmc 4-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  314.901387][    C1] usbtmc 4-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  314.910426][    C1] usbtmc 4-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  314.919458][    C1] usbtmc 4-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  314.928513][    C1] usbtmc 4-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  314.937594][    C1] usbtmc 4-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  315.019280][    C0] usbtmc 4-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  315.178434][ T5960] usb 1-1: new full-speed USB device number 34 using dummy_hcd
[  315.543332][  T958] usb 4-1: USB disconnect, device number 41
[  315.808453][ T5960] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  315.974019][ T5960] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 2
[  315.993259][ T5960] usb 1-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8
[  316.021259][ T5960] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  316.061296][ T5960] usb 1-1: config 0 descriptor??
[  316.134038][ T5960] dvb-usb: found a 'Artec T1 USB2.0' in warm state.
[  316.149902][ T5960] dvb-usb: bulk message failed: -22 (3/0)
[  316.188175][ T5960] dvb-usb: will use the device's hardware PID filter (table count: 16).
[  316.219728][ T5960] dvbdev: DVB: registering new adapter (Artec T1 USB2.0)
[  316.277655][ T5960] usb 1-1: media controller created
[  316.384696][ T5960] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  316.422610][ T5960] dvb-usb: bulk message failed: -22 (6/0)
[  316.495395][ T5960] dvb-usb: no frontend was attached by 'Artec T1 USB2.0'
[  316.574029][ T5960] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.0/usb1/1-1/input/input20
[  316.687096][ T5960] dvb-usb: schedule remote query interval to 150 msecs.
[  316.849323][ T5960] dvb-usb: Artec T1 USB2.0 successfully initialized and connected.
[  316.879726][ T5960] usb 1-1: USB disconnect, device number 34
[  316.953168][ T5960] dvb-usb: Artec T1 USB2.0 successfully deinitialized and disconnected.
[  316.969827][ T8867] netlink: 64 bytes leftover after parsing attributes in process `syz.1.754'.
[  317.326489][ T8882] FAULT_INJECTION: forcing a failure.
[  317.326489][ T8882] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  317.346236][ T1304] ieee802154 phy0 wpan0: encryption failed: -22
[  317.353558][ T1304] ieee802154 phy1 wpan1: encryption failed: -22
[  317.361581][ T8882] CPU: 1 UID: 0 PID: 8882 Comm: syz.3.760 Not tainted syzkaller #0 PREEMPT(full) 
[  317.361608][ T8882] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  317.361619][ T8882] Call Trace:
[  317.361627][ T8882]  <TASK>
[  317.361634][ T8882]  dump_stack_lvl+0x189/0x250
[  317.361663][ T8882]  ? __pfx____ratelimit+0x10/0x10
[  317.361683][ T8882]  ? __pfx_dump_stack_lvl+0x10/0x10
[  317.361706][ T8882]  ? __pfx__printk+0x10/0x10
[  317.361731][ T8882]  ? __might_fault+0xb0/0x130
[  317.361770][ T8882]  should_fail_ex+0x414/0x560
[  317.361803][ T8882]  _copy_from_user+0x2d/0xb0
[  317.361828][ T8882]  __x64_sys_epoll_ctl+0x126/0x1a0
[  317.361860][ T8882]  ? __pfx___x64_sys_epoll_ctl+0x10/0x10
[  317.361892][ T8882]  ? rcu_is_watching+0x15/0xb0
[  317.361916][ T8882]  ? do_syscall_64+0xbe/0x3b0
[  317.361941][ T8882]  do_syscall_64+0xfa/0x3b0
[  317.361959][ T8882]  ? lockdep_hardirqs_on+0x9c/0x150
[  317.361977][ T8882]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  317.361996][ T8882]  ? clear_bhb_loop+0x60/0xb0
[  317.362019][ T8882]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  317.362037][ T8882] RIP: 0033:0x7fb0cd98eba9
[  317.362054][ T8882] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  317.362071][ T8882] RSP: 002b:00007fb0ce759038 EFLAGS: 00000246 ORIG_RAX: 00000000000000e9
[  317.362092][ T8882] RAX: ffffffffffffffda RBX: 00007fb0cdbd5fa0 RCX: 00007fb0cd98eba9
[  317.362105][ T8882] RDX: 0000000000000003 RSI: 0000000000000001 RDI: 0000000000000004
[  317.362116][ T8882] RBP: 00007fb0ce759090 R08: 0000000000000000 R09: 0000000000000000
[  317.362127][ T8882] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000001
[  317.362139][ T8882] R13: 00007fb0cdbd6038 R14: 00007fb0cdbd5fa0 R15: 00007fb0cdcffa28
[  317.362168][ T8882]  </TASK>
[  317.862272][ T8894] fuse: Bad value for 'user_id'
[  317.878137][ T8894] fuse: Bad value for 'user_id'
[  318.115093][ T2155] IPVS: starting estimator thread 0...
[  318.145975][ T8899] IPVS: sed: SCTP 172.20.20.187:0 - no destination available
[  318.171509][ T5960] usb 1-1: new high-speed USB device number 35 using dummy_hcd
[  318.313293][ T8900] IPVS: using max 47 ests per chain, 112800 per kthread
[  318.510286][ T8906] netlink: 12 bytes leftover after parsing attributes in process `syz.2.767'.
[  318.521922][ T8906] netlink: 4 bytes leftover after parsing attributes in process `syz.2.767'.
[  318.581231][ T5960] usb 1-1: Using ep0 maxpacket: 8
[  318.591941][ T5960] usb 1-1: config 0 has no interfaces?
[  318.951284][  T958] usb 3-1: new high-speed USB device number 31 using dummy_hcd
[  319.137021][  T958] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 2
[  319.149222][  T958] usb 3-1: config 1 has no interface number 0
[  319.160331][  T958] usb 3-1: config 1 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  319.171688][   T10] usb 5-1: new high-speed USB device number 34 using dummy_hcd
[  319.217103][  T958] usb 3-1: Duplicate descriptor for config 1 interface 1 altsetting 0, skipping
[  319.249052][  T958] usb 3-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid wMaxPacketSize 0
[  319.326222][  T958] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  319.336003][  T958] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  319.371529][   T10] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  319.392434][  T958] usb 3-1: Product: syz
[  319.392985][ T8919] loop2: detected capacity change from 0 to 7
[  319.396776][   T10] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  319.408085][ T8919] Dev loop2: unable to read RDB block 7
[  319.420533][ T8919]  loop2: AHDI p1 p2
[  319.429325][ T8920] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  319.437979][  T958] usb 3-1: Manufacturer: syz
[  319.444360][ T8919] loop2: partition table partially beyond EOD, truncated
[  319.452045][  T958] usb 3-1: SerialNumber: syz
[  319.458060][ T8920] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  319.471718][ T8919] loop2: p1 start 1668641394 is beyond EOD, truncated
[  319.490314][ T8920] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  319.505987][   T10] usb 5-1: New USB device found, idVendor=18b1, idProduct=0037, bcdDevice= 0.00
[  319.510025][ T8920] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  319.685564][   T10] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  319.762022][   T10] usb 5-1: config 0 descriptor??
[  320.022179][ T8913] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  320.037842][ T8913] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  320.086834][ T8913] netlink: 8 bytes leftover after parsing attributes in process `syz.4.768'.
[  320.139755][ T8913] team0: entered promiscuous mode
[  320.154765][ T8913] team_slave_0: entered promiscuous mode
[  320.160873][ T8913] team_slave_1: entered promiscuous mode
[  320.182895][ T8913] geneve0: entered promiscuous mode
[  320.208565][ T8913] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  320.236083][ T8913] team0: left promiscuous mode
[  320.253653][ T8913] team_slave_0: left promiscuous mode
[  320.280688][ T8913] team_slave_1: left promiscuous mode
[  320.310298][ T8913] geneve0: left promiscuous mode
[  320.422428][  T958] cdc_ncm 3-1:1.1: bind() failure
[  320.595043][ T2155] usb 3-1: USB disconnect, device number 31
[  320.606816][   T10] usbhid 5-1:0.0: can't add hid device: -71
[  320.613202][   T10] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  320.810221][   T10] usb 5-1: USB disconnect, device number 34
[  321.082559][ T5960] usb 1-1: string descriptor 0 read error: -71
[  321.089114][ T5960] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  321.162000][ T5960] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  321.199237][ T8936] netlink: 'syz.1.776': attribute type 10 has an invalid length.
[  321.257996][ T5960] usb 1-1: config 0 descriptor??
[  321.276586][ T8936] bond0: (slave netdevsim0): Enslaving as an active interface with an up link
[  321.323431][ T5960] usb 1-1: can't set config #0, error -71
[  321.345335][ T5960] usb 1-1: USB disconnect, device number 35
[  321.375210][ T8939] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  321.385121][ T8939] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  322.031720][ T5864] usb 5-1: new high-speed USB device number 35 using dummy_hcd
[  322.760525][ T5864] usb 5-1: Using ep0 maxpacket: 16
[  322.808438][ T8948] netlink: 60 bytes leftover after parsing attributes in process `syz.4.779'.
[  322.818870][ T8948] netlink: 28 bytes leftover after parsing attributes in process `syz.4.779'.
[  323.166531][ T8963] pim6reg: entered allmulticast mode
[  325.081852][ T5864] usb 5-1: unable to get BOS descriptor or descriptor too short
[  325.092371][ T5864] usb 5-1: unable to read config index 0 descriptor/start: -71
[  325.099979][ T5864] usb 5-1: can't read configurations, error -71
[  325.681279][ T5864] usb 5-1: new high-speed USB device number 36 using dummy_hcd
[  325.696051][ T8988] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  325.724175][ T8988] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  325.845439][ T8995] fuse: Bad value for 'rootmode'
[  325.902550][ T5864] usb 5-1: config 0 has no interfaces?
[  325.973335][ T8997] netlink: 'syz.3.787': attribute type 10 has an invalid length.
[  325.981408][ T8997] veth1_vlan: entered allmulticast mode
[  325.998592][ T8997] veth1_vlan: left promiscuous mode
[  326.011264][ T5864] usb 5-1: New USB device found, idVendor=18b4, idProduct=fffb, bcdDevice=dc.7b
[  326.016583][ T8997] team0: Device veth1_vlan failed to register rx_handler
[  326.026794][ T5864] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  326.045604][ T5864] usb 5-1: Product: syz
[  326.049823][ T5864] usb 5-1: Manufacturer: syz
[  326.139433][ T5864] usb 5-1: SerialNumber: syz
[  326.202210][ T5864] usb 5-1: config 0 descriptor??
[  326.445389][ T8976] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  326.585520][ T8976] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  326.642032][ T9007] FAULT_INJECTION: forcing a failure.
[  326.642032][ T9007] name failslab, interval 1, probability 0, space 0, times 0
[  326.662394][ T9007] CPU: 1 UID: 0 PID: 9007 Comm: syz.1.792 Not tainted syzkaller #0 PREEMPT(full) 
[  326.662413][ T9007] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  326.662421][ T9007] Call Trace:
[  326.662426][ T9007]  <TASK>
[  326.662431][ T9007]  dump_stack_lvl+0x189/0x250
[  326.662450][ T9007]  ? __pfx____ratelimit+0x10/0x10
[  326.662463][ T9007]  ? __pfx_dump_stack_lvl+0x10/0x10
[  326.662476][ T9007]  ? __pfx__printk+0x10/0x10
[  326.662495][ T9007]  ? __pfx___might_resched+0x10/0x10
[  326.662505][ T9007]  ? fs_reclaim_acquire+0x7d/0x100
[  326.662524][ T9007]  should_fail_ex+0x414/0x560
[  326.662543][ T9007]  should_failslab+0xa8/0x100
[  326.662567][ T9007]  kmem_cache_alloc_noprof+0x73/0x3c0
[  326.662581][ T9007]  ? ep_insert+0x272/0x19e0
[  326.662599][ T9007]  ep_insert+0x272/0x19e0
[  326.662623][ T9007]  ? __pfx_ep_insert+0x10/0x10
[  326.662638][ T9007]  ? __pfx___mutex_lock+0x10/0x10
[  326.662651][ T9007]  ? __fget_files+0x2a/0x420
[  326.662663][ T9007]  ? __fget_files+0x2a/0x420
[  326.662672][ T9007]  ? __fget_files+0x3a0/0x420
[  326.662680][ T9007]  ? __fget_files+0x2a/0x420
[  326.662695][ T9007]  do_epoll_ctl+0x7f4/0xe80
[  326.662715][ T9007]  __x64_sys_epoll_ctl+0x163/0x1a0
[  326.662733][ T9007]  ? __pfx___x64_sys_epoll_ctl+0x10/0x10
[  326.662747][ T9007]  ? rcu_is_watching+0x15/0xb0
[  326.662762][ T9007]  ? do_syscall_64+0xbe/0x3b0
[  326.662776][ T9007]  do_syscall_64+0xfa/0x3b0
[  326.662787][ T9007]  ? lockdep_hardirqs_on+0x9c/0x150
[  326.662799][ T9007]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  326.662812][ T9007]  ? clear_bhb_loop+0x60/0xb0
[  326.662825][ T9007]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  326.662835][ T9007] RIP: 0033:0x7fb2fad8eba9
[  326.662846][ T9007] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  326.662856][ T9007] RSP: 002b:00007fb2fbb47038 EFLAGS: 00000246 ORIG_RAX: 00000000000000e9
[  326.662870][ T9007] RAX: ffffffffffffffda RBX: 00007fb2fafd5fa0 RCX: 00007fb2fad8eba9
[  326.662879][ T9007] RDX: 0000000000000003 RSI: 0000000000000001 RDI: 0000000000000004
[  326.662885][ T9007] RBP: 00007fb2fbb47090 R08: 0000000000000000 R09: 0000000000000000
[  326.662892][ T9007] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000001
[  326.662899][ T9007] R13: 00007fb2fafd6038 R14: 00007fb2fafd5fa0 R15: 00007fb2fb0ffa28
[  326.662918][ T9007]  </TASK>
[  326.966804][ T9009] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  326.976333][ T9009] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  327.260806][ T8976] veth0_macvtap: left promiscuous mode
[  327.289165][ T5958] usb 5-1: USB disconnect, device number 36
[  327.881283][ T5958] usb 3-1: new high-speed USB device number 32 using dummy_hcd
[  328.075146][ T9023] FAULT_INJECTION: forcing a failure.
[  328.075146][ T9023] name failslab, interval 1, probability 0, space 0, times 0
[  328.199937][ T9023] CPU: 1 UID: 0 PID: 9023 Comm: syz.1.797 Not tainted syzkaller #0 PREEMPT(full) 
[  328.199964][ T9023] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  328.199975][ T9023] Call Trace:
[  328.199984][ T9023]  <TASK>
[  328.199991][ T9023]  dump_stack_lvl+0x189/0x250
[  328.200019][ T9023]  ? __pfx____ratelimit+0x10/0x10
[  328.200043][ T9023]  ? __pfx_dump_stack_lvl+0x10/0x10
[  328.200064][ T9023]  ? __pfx__printk+0x10/0x10
[  328.200093][ T9023]  ? __pfx___might_resched+0x10/0x10
[  328.200118][ T9023]  should_fail_ex+0x414/0x560
[  328.200152][ T9023]  should_failslab+0xa8/0x100
[  328.200182][ T9023]  __kmalloc_noprof+0xcb/0x4f0
[  328.200207][ T9023]  ? inotify_handle_inode_event+0x19b/0x5f0
[  328.200235][ T9023]  inotify_handle_inode_event+0x19b/0x5f0
[  328.200267][ T9023]  fsnotify+0x1671/0x1a80
[  328.200297][ T9023]  ? take_dentry_name_snapshot+0x157/0x500
[  328.200343][ T9023]  ? fsnotify+0x735/0x1a80
[  328.200370][ T9023]  ? __pfx_fsnotify+0x10/0x10
[  328.200404][ T9023]  ? take_dentry_name_snapshot+0x29/0x500
[  328.200441][ T9023]  __fsnotify_parent+0x3fe/0x540
[  328.200477][ T9023]  ? __pfx___fsnotify_parent+0x10/0x10
[  328.200525][ T9023]  __kernel_read+0x73b/0x960
[  328.200562][ T9023]  ? __pfx___kernel_read+0x10/0x10
[  328.200592][ T9023]  ? __local_bh_enable_ip+0x12d/0x1c0
[  328.200612][ T9023]  ? lockdep_hardirqs_on+0x9c/0x150
[  328.200637][ T9023]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  328.200669][ T9023]  ? kernel_fpu_end+0xd2/0x120
[  328.200699][ T9023]  integrity_kernel_read+0x89/0xd0
[  328.200721][ T9023]  ? __pfx_integrity_kernel_read+0x10/0x10
[  328.200754][ T9023]  ima_calc_file_hash+0x85e/0x16f0
[  328.200777][ T9023]  ? __lock_acquire+0xab9/0xd20
[  328.200819][ T9023]  ? __lock_acquire+0xab9/0xd20
[  328.200848][ T9023]  ? __pfx_ima_calc_file_hash+0x10/0x10
[  328.200924][ T9023]  ? fill_mg_cmtime+0x26c/0x4f0
[  328.200951][ T9023]  ? shmem_huge_global_enabled+0x174/0x3a0
[  328.200983][ T9023]  ? shmem_getattr+0x3c7/0x510
[  328.201017][ T9023]  ima_collect_measurement+0x428/0x8e0
[  328.201051][ T9023]  ? __pfx_ima_collect_measurement+0x10/0x10
[  328.201074][ T9023]  ? __lock_acquire+0xab9/0xd20
[  328.201108][ T9023]  ? simple_xattr_get+0x37/0x180
[  328.201161][ T9023]  ? __pfx_ima_get_hash_algo+0x10/0x10
[  328.201192][ T9023]  process_measurement+0x1121/0x1a40
[  328.201236][ T9023]  ? __pfx_process_measurement+0x10/0x10
[  328.201307][ T9023]  ? rcu_read_lock_any_held+0xb3/0x120
[  328.201344][ T9023]  ima_file_mmap+0x1a2/0x1f0
[  328.201366][ T9023]  ? __pfx_ima_file_mmap+0x10/0x10
[  328.201394][ T9023]  ? common_file_perm+0x1b5/0x230
[  328.201419][ T9023]  security_mmap_file+0x7a4/0xa60
[  328.201449][ T9023]  vm_mmap_pgoff+0x129/0x4d0
[  328.201478][ T9023]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  328.201503][ T9023]  ? __fget_files+0x2a/0x420
[  328.201525][ T9023]  ? __fget_files+0x3a0/0x420
[  328.201540][ T9023]  ? __fget_files+0x2a/0x420
[  328.201563][ T9023]  ksys_mmap_pgoff+0x51f/0x760
[  328.201605][ T9023]  do_syscall_64+0xfa/0x3b0
[  328.201623][ T9023]  ? lockdep_hardirqs_on+0x9c/0x150
[  328.201641][ T9023]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  328.201660][ T9023]  ? clear_bhb_loop+0x60/0xb0
[  328.201683][ T9023]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  328.201702][ T9023] RIP: 0033:0x7fb2fad8eba9
[  328.201720][ T9023] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  328.201736][ T9023] RSP: 002b:00007fb2f8fd5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  328.201759][ T9023] RAX: ffffffffffffffda RBX: 00007fb2fafd6180 RCX: 00007fb2fad8eba9
[  328.201773][ T9023] RDX: 00000000027ffff7 RSI: 0000000000600000 RDI: 0000200000000000
[  328.201786][ T9023] RBP: 00007fb2f8fd5090 R08: 0000000000000006 R09: 0000000000000000
[  328.201798][ T9023] R10: 0000000004012011 R11: 0000000000000246 R12: 0000000000000001
[  328.201810][ T9023] R13: 00007fb2fafd6218 R14: 00007fb2fafd6180 R15: 00007fb2fb0ffa28
[  328.201842][ T9023]  </TASK>
[  329.026225][ T5958] usb 3-1: config 0 has no interfaces?
[  329.034951][ T5958] usb 3-1: New USB device found, idVendor=18b4, idProduct=fffb, bcdDevice=dc.7b
[  329.046933][ T5958] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  329.055724][ T5958] usb 3-1: Product: syz
[  329.060269][ T5958] usb 3-1: Manufacturer: syz
[  329.124761][ T5958] usb 3-1: SerialNumber: syz
[  329.145771][ T5958] usb 3-1: config 0 descriptor??
[  329.534004][ T5960] usb 3-1: USB disconnect, device number 32
[  331.721220][ T5960] usb 5-1: new high-speed USB device number 37 using dummy_hcd
[  331.925534][ T5960] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  331.936692][ T5960] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  332.140011][ T5960] usb 5-1: New USB device found, idVendor=18b1, idProduct=0037, bcdDevice= 0.00
[  332.149665][ T5960] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  332.277574][ T5960] usb 5-1: config 0 descriptor??
[  332.553188][ T9066] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  332.568013][ T9066] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  332.652077][ T9066] netlink: 8 bytes leftover after parsing attributes in process `syz.4.813'.
[  332.777977][ T9066] team0: entered promiscuous mode
[  332.849359][ T9066] team_slave_0: entered promiscuous mode
[  332.870045][ T9066] team_slave_1: entered promiscuous mode
[  332.889414][ T9066] geneve0: entered promiscuous mode
[  332.923420][ T9066] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  332.951400][   T24] usb 1-1: new high-speed USB device number 36 using dummy_hcd
[  332.970872][ T9066] team0: left promiscuous mode
[  333.001322][ T9066] team_slave_0: left promiscuous mode
[  333.042200][ T9066] team_slave_1: left promiscuous mode
[  333.062540][ T9066] geneve0: left promiscuous mode
[  333.121418][   T24] usb 1-1: Using ep0 maxpacket: 32
[  333.137702][   T24] usb 1-1: config 0 interface 0 has no altsetting 0
[  333.160647][   T24] usb 1-1: New USB device found, idVendor=16d0, idProduct=10b8, bcdDevice=de.8e
[  333.200693][   T24] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  333.230664][ T9092] netlink: 'syz.3.820': attribute type 12 has an invalid length.
[  333.245332][ T9092] netlink: 132 bytes leftover after parsing attributes in process `syz.3.820'.
[  333.260745][   T24] usb 1-1: Product: syz
[  333.270974][   T24] usb 1-1: Manufacturer: syz
[  333.288839][   T24] usb 1-1: SerialNumber: syz
[  333.315167][ T9094] batadv_slave_0: entered promiscuous mode
[  333.342757][   T24] usb 1-1: config 0 descriptor??
[  333.375367][   T24] gs_usb 1-1:0.0: Required endpoints not found
[  333.465221][ T5960] usbhid 5-1:0.0: can't add hid device: -71
[  333.503400][ T5960] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  333.545195][ T5960] usb 5-1: USB disconnect, device number 37
[  333.912107][ T9110] FAULT_INJECTION: forcing a failure.
[  333.912107][ T9110] name failslab, interval 1, probability 0, space 0, times 0
[  333.953559][ T9110] CPU: 1 UID: 0 PID: 9110 Comm: syz.3.825 Not tainted syzkaller #0 PREEMPT(full) 
[  333.953588][ T9110] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  333.953600][ T9110] Call Trace:
[  333.953609][ T9110]  <TASK>
[  333.953618][ T9110]  dump_stack_lvl+0x189/0x250
[  333.953648][ T9110]  ? __pfx____ratelimit+0x10/0x10
[  333.953669][ T9110]  ? __pfx_dump_stack_lvl+0x10/0x10
[  333.953701][ T9110]  ? __pfx__printk+0x10/0x10
[  333.953733][ T9110]  ? __pfx___might_resched+0x10/0x10
[  333.953752][ T9110]  ? fs_reclaim_acquire+0x7d/0x100
[  333.953786][ T9110]  should_fail_ex+0x414/0x560
[  333.953820][ T9110]  should_failslab+0xa8/0x100
[  333.953850][ T9110]  __kmalloc_noprof+0xcb/0x4f0
[  333.953875][ T9110]  ? kfree+0x4d/0x440
[  333.953895][ T9110]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[  333.953923][ T9110]  tomoyo_realpath_from_path+0xe3/0x5d0
[  333.953946][ T9110]  ? tomoyo_domain+0xd9/0x130
[  333.953974][ T9110]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  333.954002][ T9110]  tomoyo_path_number_perm+0x1e8/0x5a0
[  333.954032][ T9110]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  333.954079][ T9110]  ? __lock_acquire+0xab9/0xd20
[  333.954131][ T9110]  ? __fget_files+0x2a/0x420
[  333.954152][ T9110]  ? __fget_files+0x2a/0x420
[  333.954168][ T9110]  ? __fget_files+0x3a0/0x420
[  333.954183][ T9110]  ? __fget_files+0x2a/0x420
[  333.954205][ T9110]  security_file_ioctl+0xcb/0x2d0
[  333.954233][ T9110]  __se_sys_ioctl+0x47/0x170
[  333.954259][ T9110]  do_syscall_64+0xfa/0x3b0
[  333.954278][ T9110]  ? lockdep_hardirqs_on+0x9c/0x150
[  333.954296][ T9110]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  333.954314][ T9110]  ? clear_bhb_loop+0x60/0xb0
[  333.954339][ T9110]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  333.954357][ T9110] RIP: 0033:0x7fb0cd98eba9
[  333.954376][ T9110] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  333.954393][ T9110] RSP: 002b:00007fb0ce759038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  333.954416][ T9110] RAX: ffffffffffffffda RBX: 00007fb0cdbd5fa0 RCX: 00007fb0cd98eba9
[  333.954430][ T9110] RDX: 00002000000001c0 RSI: 000000000000541b RDI: 0000000000000005
[  333.954441][ T9110] RBP: 00007fb0ce759090 R08: 0000000000000000 R09: 0000000000000000
[  333.954453][ T9110] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  333.954464][ T9110] R13: 00007fb0cdbd6038 R14: 00007fb0cdbd5fa0 R15: 00007fb0cdcffa28
[  333.954497][ T9110]  </TASK>
[  333.954539][ T9110] ERROR: Out of memory at tomoyo_realpath_from_path.
[  334.072463][ T9109] netlink: 'syz.1.824': attribute type 75 has an invalid length.
[  334.964576][ T9126] delete_channel: no stack
[  334.970705][ T9126] netlink: 156 bytes leftover after parsing attributes in process `syz.2.829'.
[  335.727210][   T24] usb 1-1: USB disconnect, device number 36
[  337.550455][ T9151] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  337.611349][ T2155] usb 5-1: new high-speed USB device number 38 using dummy_hcd
[  337.640286][ T9151] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  337.833731][ T2155] usb 5-1: too many configurations: 69, using maximum allowed: 8
[  337.883387][ T2155] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  337.890486][ T9158] netlink: 'syz.2.839': attribute type 1 has an invalid length.
[  337.916554][ T2155] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  337.958515][ T2155] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  338.018655][ T2155] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  338.060361][ T9158] 8021q: adding VLAN 0 to HW filter on device bond4
[  338.084652][ T2155] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  338.116932][ T2155] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  338.158710][ T2155] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  338.192672][ T2155] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  338.215308][ T9172] openvswitch: netlink: Missing key (keys=40, expected=2000)
[  338.231806][ T2155] usb 5-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  338.242525][ T9162] veth3: entered promiscuous mode
[  338.248101][ T2155] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  338.260896][ T2155] usb 5-1: Product: syz
[  338.266565][ T2155] usb 5-1: Manufacturer: syz
[  338.273161][ T2155] usb 5-1: SerialNumber: syz
[  338.290129][ T2155] usb 5-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  338.290297][ T9162] bond4: (slave veth3): Enslaving as an active interface with an up link
[  338.424553][ T9172] netlink: 8 bytes leftover after parsing attributes in process `syz.3.842'.
[  338.457926][   T24] usb 5-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  338.764339][ T9186] netlink: 8 bytes leftover after parsing attributes in process `syz.4.835'.
[  339.586921][   T24] ath9k_htc 5-1:1.0: ath9k_htc: Target is unresponsive
[  339.594815][   T24] ath9k_htc: Failed to initialize the device
[  339.629228][   T24] usb 5-1: ath9k_htc: USB layer deinitialized
[  339.861222][    T9] usb 1-1: new full-speed USB device number 37 using dummy_hcd
[  340.025244][    T9] usb 1-1: config 8 has an invalid interface number: 223 but max is 0
[  340.040349][    T9] usb 1-1: config 8 has an invalid descriptor of length 0, skipping remainder of the config
[  340.086404][    T9] usb 1-1: config 8 has no interface number 0
[  340.104118][    T9] usb 1-1: config 8 interface 223 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  340.159104][    T9] usb 1-1: New USB device found, idVendor=a6da, idProduct=7458, bcdDevice=2d.4d
[  340.179023][    T9] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  340.216978][    T9] usb 1-1: Product: syz
[  340.225904][    T9] usb 1-1: Manufacturer: syz
[  340.236297][    T9] usb 1-1: SerialNumber: syz
[  340.710220][    T9] usb 1-1: USB disconnect, device number 37
[  340.934017][   T10] usb 5-1: USB disconnect, device number 38
[  341.276377][ T9195] netlink: 32 bytes leftover after parsing attributes in process `syz.4.847'.
[  341.471459][   T10] usb 3-1: new high-speed USB device number 33 using dummy_hcd
[  341.631396][   T10] usb 3-1: Using ep0 maxpacket: 16
[  341.840298][   T10] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  341.895005][   T10] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  341.980493][   T10] usb 3-1: New USB device found, idVendor=0c12, idProduct=0030, bcdDevice= 0.00
[  341.992221][   T10] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  342.033944][   T10] usb 3-1: config 0 descriptor??
[  342.256117][ T9194] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  342.271721][ T9194] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  342.595458][   T10] zeroplus 0003:0C12:0030.0009: item fetching failed at offset 1/5
[  342.615588][   T10] zeroplus 0003:0C12:0030.0009: parse failed
[  342.635924][   T10] zeroplus 0003:0C12:0030.0009: probe with driver zeroplus failed with error -22
[  342.671877][ T9204] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  342.694677][ T9204] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  342.951207][ T5960] usb 1-1: new high-speed USB device number 38 using dummy_hcd
[  343.087870][ T9212] netlink: 'syz.3.854': attribute type 12 has an invalid length.
[  343.111430][ T9212] netlink: 132 bytes leftover after parsing attributes in process `syz.3.854'.
[  343.151664][ T5960] usb 1-1: Using ep0 maxpacket: 16
[  343.195295][ T5960] usb 1-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice=29.00
[  343.204775][ T5960] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  343.241404][ T5960] usb 1-1: Product: syz
[  343.245628][ T5960] usb 1-1: Manufacturer: syz
[  343.270070][ T5960] usb 1-1: SerialNumber: syz
[  343.292678][ T5960] usb 1-1: config 0 descriptor??
[  343.367018][ T5960] ftdi_sio 1-1:0.0: FTDI USB Serial Device converter detected
[  343.396087][ T5960] usb 1-1: Detected FT4233HP
[  343.430373][    T9] usb 5-1: new high-speed USB device number 39 using dummy_hcd
[  343.488020][ T9225] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  343.515085][ T9200] netlink: 'syz.0.850': attribute type 6 has an invalid length.
[  343.605297][    T9] usb 5-1: Using ep0 maxpacket: 32
[  343.618858][    T9] usb 5-1: config 0 has an invalid interface number: 184 but max is 0
[  343.627448][    T9] usb 5-1: config 0 has no interface number 0
[  343.640714][    T9] usb 5-1: config 0 interface 184 has no altsetting 0
[  343.666465][    T9] usb 5-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[  343.676989][    T9] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  343.685162][    T9] usb 5-1: Product: syz
[  343.696126][    T9] usb 5-1: Manufacturer: syz
[  343.709717][    T9] usb 5-1: SerialNumber: syz
[  343.727749][    T9] usb 5-1: config 0 descriptor??
[  343.744799][    T9] smsc75xx v1.0.0
[  343.901729][   T24] usb 4-1: new high-speed USB device number 42 using dummy_hcd
[  343.959416][ T9214] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  343.974662][ T9214] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  344.073190][ T2155] usb 3-1: USB disconnect, device number 33
[  344.080899][   T24] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  344.866309][   T24] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  344.897162][   T24] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  344.915656][ T9230] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  344.980790][ T9230] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  345.002552][   T24] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  345.071732][ T5960] ftdi_sio ttyUSB0: Unable to read latency timer: -71
[  345.101375][ T5960] ftdi_sio ttyUSB0: Unable to write latency timer: -71
[  345.147509][ T5960] usb 1-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  345.160261][   T24] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  345.222011][   T24] usb 4-1: config 0 descriptor??
[  345.280692][ T5960] usb 1-1: USB disconnect, device number 38
[  345.312054][ T5960] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  345.349368][ T5960] ftdi_sio 1-1:0.0: device disconnected
[  345.694175][    T9] smsc75xx 5-1:0.184 (unnamed net_device) (uninitialized): usbnet_get_endpoints failed: -71
[  345.719539][    T9] smsc75xx 5-1:0.184: probe with driver smsc75xx failed with error -71
[  345.790353][    T9] usb 5-1: USB disconnect, device number 39
[  345.910261][   T24] plantronics 0003:047F:FFFF.000A: reserved main item tag 0xd
[  345.967693][   T24] plantronics 0003:047F:FFFF.000A: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0
[  346.121256][   T10] usb 3-1: new high-speed USB device number 34 using dummy_hcd
[  346.185081][   T24] usb 4-1: USB disconnect, device number 42
[  346.273427][   T10] usb 3-1: device descriptor read/64, error -71
[  346.297310][ T9237] fido_id[9237]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.3/usb4/report_descriptor': No such file or directory
[  346.554480][   T10] usb 3-1: new high-speed USB device number 35 using dummy_hcd
[  346.732886][   T10] usb 3-1: device descriptor read/64, error -71
[  346.848443][   T10] usb usb3-port1: attempt power cycle
[  346.911565][ T5960] usb 1-1: new high-speed USB device number 39 using dummy_hcd
[  347.176922][ T5960] usb 1-1: config 0 interface 0 altsetting 185 endpoint 0x81 has invalid wMaxPacketSize 0
[  347.189602][ T5960] usb 1-1: config 0 interface 0 has no altsetting 0
[  347.205782][ T5960] usb 1-1: New USB device found, idVendor=0458, idProduct=5013, bcdDevice= 0.00
[  347.219164][   T10] usb 3-1: new high-speed USB device number 36 using dummy_hcd
[  347.229730][ T5960] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  347.266632][   T10] usb 3-1: device descriptor read/8, error -71
[  347.278662][ T5960] usb 1-1: config 0 descriptor??
[  347.361601][ T9263] netlink: 104 bytes leftover after parsing attributes in process `syz.1.873'.
[  347.511464][   T10] usb 3-1: new high-speed USB device number 37 using dummy_hcd
[  347.542495][   T10] usb 3-1: device descriptor read/8, error -71
[  347.672030][   T10] usb usb3-port1: unable to enumerate USB device
[  347.896324][   T30] kauditd_printk_skb: 55 callbacks suppressed
[  347.896339][   T30] audit: type=1326 audit(1757557452.052:321): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9271 comm="syz.1.875" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fb2fad8eba9 code=0x0
[  347.928166][ T5960] usbhid 1-1:0.0: can't add hid device: -71
[  347.940815][ T5960] usbhid 1-1:0.0: probe with driver usbhid failed with error -71
[  347.960340][ T5960] usb 1-1: USB disconnect, device number 39
[  348.216101][ T9279] loop6: detected capacity change from 0 to 7
[  348.236569][ T5985] Dev loop6: unable to read RDB block 7
[  348.242988][ T5985]  loop6: AHDI p1 p2 p3 p4
[  348.251276][ T5985] loop6: partition table partially beyond EOD, truncated
[  348.279583][ T5985] loop6: p1 start 2521779581 is beyond EOD, truncated
[  348.293263][ T5985] loop6: p2 size 47 extends beyond EOD, truncated
[  348.310332][ T5985] loop6: p3 start 1886353253 is beyond EOD, truncated
[  348.330385][ T9279] Dev loop6: unable to read RDB block 7
[  348.336189][ T9279]  loop6: AHDI p1 p2 p3 p4
[  348.340836][ T9279] loop6: partition table partially beyond EOD, truncated
[  348.349979][ T9279] loop6: p1 start 2521779581 is beyond EOD, truncated
[  348.357189][ T9279] loop6: p2 size 47 extends beyond EOD, truncated
[  348.367862][ T9279] loop6: p3 start 1886353253 is beyond EOD, truncated
[  348.483645][ T5985] udevd[5985]: inotify_add_watch(7, /dev/loop6p2, 10) failed: No such file or directory
[  348.619940][ T5985] udevd[5985]: inotify_add_watch(7, /dev/loop6p2, 10) failed: No such file or directory
[  349.488866][ T9302] netlink: 'syz.2.882': attribute type 10 has an invalid length.
[  349.551789][ T9306] netlink: 4 bytes leftover after parsing attributes in process `syz.3.884'.
[  349.621822][ T9307] netlink: 12 bytes leftover after parsing attributes in process `syz.3.884'.
[  349.850805][ T9302] bond0: (slave netdevsim0): Enslaving as an active interface with an up link
[  350.184216][ T9314] netlink: 596 bytes leftover after parsing attributes in process `syz.0.886'.
[  350.614612][ T9311] netlink: 'syz.4.885': attribute type 10 has an invalid length.
[  350.672209][ T9311] veth1_vlan: entered allmulticast mode
[  351.042530][ T9311] team0: Device veth1_vlan failed to register rx_handler
[  351.341934][ T5864] usb 1-1: new high-speed USB device number 40 using dummy_hcd
[  351.564647][ T5864] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  351.632391][ T5864] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  351.733199][ T9333] FAULT_INJECTION: forcing a failure.
[  351.733199][ T9333] name failslab, interval 1, probability 0, space 0, times 0
[  351.778596][ T5864] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  351.817961][ T9333] CPU: 0 UID: 0 PID: 9333 Comm: syz.2.890 Not tainted syzkaller #0 PREEMPT(full) 
[  351.817990][ T9333] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  351.818002][ T9333] Call Trace:
[  351.818010][ T9333]  <TASK>
[  351.818019][ T9333]  dump_stack_lvl+0x189/0x250
[  351.818049][ T9333]  ? __pfx____ratelimit+0x10/0x10
[  351.818069][ T9333]  ? __pfx_dump_stack_lvl+0x10/0x10
[  351.818093][ T9333]  ? __pfx__printk+0x10/0x10
[  351.818122][ T9333]  ? __pfx___might_resched+0x10/0x10
[  351.818142][ T9333]  ? fs_reclaim_acquire+0x7d/0x100
[  351.818177][ T9333]  should_fail_ex+0x414/0x560
[  351.818211][ T9333]  should_failslab+0xa8/0x100
[  351.818247][ T9333]  __kmalloc_noprof+0xcb/0x4f0
[  351.818271][ T9333]  ? tomoyo_encode+0x28b/0x550
[  351.818296][ T9333]  tomoyo_encode+0x28b/0x550
[  351.818323][ T9333]  tomoyo_realpath_from_path+0x58d/0x5d0
[  351.818367][ T9333]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  351.818395][ T9333]  tomoyo_path_number_perm+0x1e8/0x5a0
[  351.818425][ T9333]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  351.818471][ T9333]  ? __lock_acquire+0xab9/0xd20
[  351.818522][ T9333]  ? __fget_files+0x2a/0x420
[  351.818543][ T9333]  ? __fget_files+0x2a/0x420
[  351.818559][ T9333]  ? __fget_files+0x3a0/0x420
[  351.818575][ T9333]  ? __fget_files+0x2a/0x420
[  351.818594][ T9333]  security_file_ioctl+0xcb/0x2d0
[  351.818621][ T9333]  __se_sys_ioctl+0x47/0x170
[  351.818647][ T9333]  do_syscall_64+0xfa/0x3b0
[  351.818667][ T9333]  ? lockdep_hardirqs_on+0x9c/0x150
[  351.818685][ T9333]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  351.818704][ T9333]  ? clear_bhb_loop+0x60/0xb0
[  351.818728][ T9333]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  351.818745][ T9333] RIP: 0033:0x7f935858eba9
[  351.818763][ T9333] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  351.818780][ T9333] RSP: 002b:00007f9359411038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  351.818803][ T9333] RAX: ffffffffffffffda RBX: 00007f93587d5fa0 RCX: 00007f935858eba9
[  351.818817][ T9333] RDX: 0000200000000340 RSI: 00000000c0d05605 RDI: 0000000000000003
[  351.818829][ T9333] RBP: 00007f9359411090 R08: 0000000000000000 R09: 0000000000000000
[  351.818841][ T9333] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  351.818852][ T9333] R13: 00007f93587d6038 R14: 00007f93587d5fa0 R15: 00007f93588ffa28
[  351.818883][ T9333]  </TASK>
[  351.819982][ T9333] ERROR: Out of memory at tomoyo_realpath_from_path.
[  351.847654][ T5864] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  352.007379][    C1] vkms_vblank_simulate: vblank timer overrun
[  352.441316][ T5960] usb 4-1: new low-speed USB device number 43 using dummy_hcd
[  352.775434][ T5864] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  352.862860][ T5864] usb 1-1: config 0 descriptor??
[  352.879509][ T5960] usb 4-1: unable to get BOS descriptor or descriptor too short
[  352.937604][ T5960] usb 4-1: config 127 has an invalid interface number: 142 but max is 1
[  353.035447][ T5960] usb 4-1: config 127 has an invalid interface number: 169 but max is 1
[  353.175658][ T5960] usb 4-1: config 127 contains an unexpected descriptor of type 0x2, skipping
[  353.194814][ T5960] usb 4-1: config 127 has no interface number 0
[  353.202146][ T5960] usb 4-1: config 127 has no interface number 1
[  353.454445][ T5960] usb 4-1: config 127 interface 142 altsetting 241 endpoint 0x2 has invalid maxpacket 64, setting to 8
[  353.471798][ T9344] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  353.479106][ T9344] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  353.514982][ T9344] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  353.597078][ T5960] usb 4-1: config 127 interface 142 altsetting 241 endpoint 0x4 has invalid maxpacket 512, setting to 8
[  353.650076][ T9344] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  353.661244][ T9344] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  353.780889][ T5960] usb 4-1: config 127 interface 142 altsetting 241 has a duplicate endpoint with address 0x2, skipping
[  353.871241][ T5960] usb 4-1: config 127 interface 142 altsetting 241 has a duplicate endpoint with address 0x8, skipping
[  353.882543][ T5960] usb 4-1: config 127 interface 142 altsetting 241 endpoint 0x6 has invalid maxpacket 1023, setting to 8
[  353.909933][ T5960] usb 4-1: config 127 interface 142 altsetting 241 has a duplicate endpoint with address 0x8, skipping
[  353.952124][ T5960] usb 4-1: config 127 interface 169 altsetting 253 has a duplicate endpoint with address 0x4, skipping
[  354.264887][ T9334] netlink: 8 bytes leftover after parsing attributes in process `syz.1.889'.
[  354.298383][ T5960] usb 4-1: config 127 interface 169 altsetting 253 endpoint 0x7 has invalid maxpacket 512, setting to 8
[  354.478290][ T5960] usb 4-1: config 127 interface 169 altsetting 253 endpoint 0xF has invalid wMaxPacketSize 0
[  354.558507][ T2155] hid-generic 0000:0004:0000.000B: unknown main item tag 0x0
[  354.569962][ T2155] hid-generic 0000:0004:0000.000B: unknown main item tag 0x0
[  354.586343][ T5960] usb 4-1: config 127 interface 169 altsetting 253 endpoint 0xE has invalid maxpacket 1024, setting to 8
[  354.586388][ T2155] hid-generic 0000:0004:0000.000B: unknown main item tag 0x0
[  354.648215][ T2155] hid-generic 0000:0004:0000.000B: hidraw0: <UNKNOWN> HID v0.05 Device [syz0] on syz0
[  354.877509][ T9353] fido_id[9353]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  354.977405][ T5960] usb 4-1: config 127 interface 169 altsetting 253 has a duplicate endpoint with address 0x2, skipping
[  355.021224][ T5960] usb 4-1: config 127 interface 169 altsetting 253 has a duplicate endpoint with address 0x8, skipping
[  355.101323][ T5960] usb 4-1: config 127 interface 169 altsetting 253 has a duplicate endpoint with address 0x2, skipping
[  355.350517][ T5960] usb 4-1: config 127 interface 169 altsetting 253 has a duplicate endpoint with address 0x4, skipping
[  355.374524][ T9356] netlink: 56 bytes leftover after parsing attributes in process `syz.1.893'.
[  355.402989][ T5960] usb 4-1: config 127 interface 169 altsetting 253 has a duplicate endpoint with address 0x88, skipping
[  355.501591][ T5870] Bluetooth: hci0: command 0x0c1a tx timeout
[  355.507727][ T5185] Bluetooth: hci1: command 0x0c1a tx timeout
[  355.581768][ T5185] Bluetooth: hci2: command 0x0c1a tx timeout
[  355.635887][ T5960] usb 4-1: config 127 interface 169 altsetting 253 has a duplicate endpoint with address 0x8, skipping
[  355.661315][ T5185] Bluetooth: hci3: command 0x0c1a tx timeout
[  355.741389][ T5185] Bluetooth: hci4: command 0x0c1a tx timeout
[  355.981574][ T5960] usb 4-1: config 127 interface 169 altsetting 253 has an endpoint descriptor with address 0xE1, changing to 0x81
[  356.061163][ T5960] usb 4-1: config 127 interface 169 altsetting 253 endpoint 0x81 is Bulk; changing to Interrupt
[  356.121251][ T5960] usb 4-1: config 127 interface 169 altsetting 253 endpoint 0xA has invalid maxpacket 512, setting to 8
[  356.171242][ T2155] usb 5-1: new high-speed USB device number 40 using dummy_hcd
[  356.210996][ T5960] usb 4-1: config 127 interface 169 altsetting 253 has a duplicate endpoint with address 0xE, skipping
[  356.226783][ T9327] [U] 
[  356.255562][ T5960] usb 4-1: config 127 interface 169 altsetting 253 has an invalid descriptor for endpoint zero, skipping
[  356.307035][ T5960] usb 4-1: config 127 interface 169 altsetting 253 has 14 endpoint descriptors, different from the interface descriptor's value: 13
[  356.349643][ T9366] netlink: 596 bytes leftover after parsing attributes in process `syz.3.898'.
[  356.357745][ T2155] usb 5-1: Using ep0 maxpacket: 8
[  356.371228][ T5960] usb 4-1: config 127 interface 142 has no altsetting 0
[  356.378286][ T5960] usb 4-1: config 127 interface 169 has no altsetting 0
[  356.385824][ T2155] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  356.413868][ T2155] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  356.423233][ T5960] usb 4-1: string descriptor 0 read error: -71
[  356.430208][ T5960] usb 4-1: New USB device found, idVendor=257a, idProduct=262f, bcdDevice=1d.2b
[  356.448256][ T2155] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  356.465147][ T5960] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  356.471729][ T2155] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  356.524327][ T5960] usb 4-1: can't set config #127, error -71
[  356.554573][ T2155] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  356.558384][ T5960] usb 4-1: USB disconnect, device number 43
[  356.600712][ T2155] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  356.700013][ T9375] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  356.838828][ T9377] fuse: Bad value for 'group_id'
[  356.844166][ T9377] fuse: Bad value for 'group_id'
[  356.855874][ T2155] usb 5-1: GET_CAPABILITIES returned 0
[  356.871574][ T2155] usbtmc 5-1:16.0: can't read capabilities
[  356.889616][ T9375] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  357.057558][    C1] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  357.066680][    C1] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  357.075751][    C1] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  357.084825][    C1] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  357.093877][    C1] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  357.180219][    C0] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  357.189377][    C0] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  357.294021][    C0] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  357.303167][    C0] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  357.312376][    C0] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  357.361589][    C1] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  357.370722][    C1] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  357.379816][    C1] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  357.388874][    C1] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  357.406629][ T5864] usbhid 1-1:0.0: can't add hid device: -71
[  357.412761][ T5864] usbhid 1-1:0.0: probe with driver usbhid failed with error -71
[  357.423822][ T5864] usb 1-1: USB disconnect, device number 40
[  357.543091][ T9378] program syz.1.897 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  357.554042][    C0] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  357.563181][    C0] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  357.580579][ T2155] usb 5-1: USB disconnect, device number 40
[  357.831875][ T9387] fuse: Bad value for 'fd'
[  358.548798][ T9397] netlink: 28 bytes leftover after parsing attributes in process `syz.4.903'.
[  358.831718][ T5958] usb 1-1: new high-speed USB device number 41 using dummy_hcd
[  359.032741][ T5958] usb 1-1: Using ep0 maxpacket: 16
[  359.039994][ T5958] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  359.051041][ T5958] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  359.095642][ T5958] usb 1-1: New USB device found, idVendor=1781, idProduct=0898, bcdDevice= 0.00
[  359.114377][ T5958] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  359.127029][ T5958] usb 1-1: config 0 descriptor??
[  359.135552][ T5958] pxrc 1-1:0.0: Could not find endpoint
[  359.143263][ T5958] usbhid 1-1:0.0: couldn't find an input interrupt endpoint
[  359.273094][ T2155] usb 3-1: new high-speed USB device number 38 using dummy_hcd
[  359.364071][ T5958] usb 1-1: USB disconnect, device number 41
[  359.431661][ T2155] usb 3-1: Using ep0 maxpacket: 8
[  359.434833][ T2155] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  359.434853][ T2155] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  359.434869][ T2155] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  359.434882][ T2155] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  359.434908][ T2155] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  359.434922][ T2155] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  359.670669][ T2155] usb 3-1: GET_CAPABILITIES returned 0
[  359.670714][ T2155] usbtmc 3-1:16.0: can't read capabilities
[  359.873727][    C0] usbtmc 3-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  359.873792][    C0] usbtmc 3-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  359.873840][    C0] usbtmc 3-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  359.874070][    C0] usbtmc 3-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  359.874122][    C0] usbtmc 3-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  359.874173][    C0] usbtmc 3-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  359.874384][    C0] usbtmc 3-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  359.874436][    C0] usbtmc 3-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  359.874487][    C0] usbtmc 3-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  359.874691][    C0] usbtmc 3-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  359.874740][    C0] usbtmc 3-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  359.874789][    C0] usbtmc 3-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  359.875009][    C0] usbtmc 3-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  359.875062][    C0] usbtmc 3-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  359.875114][    C0] usbtmc 3-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  359.875310][    C0] usbtmc 3-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  359.880655][   T10] usb 3-1: USB disconnect, device number 38
[  360.621680][ T9421] netlink: 596 bytes leftover after parsing attributes in process `syz.0.910'.
[  360.660291][ T9423] netlink: 80 bytes leftover after parsing attributes in process `syz.4.911'.
[  360.689844][ T9430] fuse: Bad value for 'fd'
[  360.817401][ T9427] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  360.820649][ T9427] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  360.821342][ T9427] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  360.821871][ T9427] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  360.822287][ T9427] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  362.474256][ T9445] netlink: 'syz.3.917': attribute type 12 has an invalid length.
[  362.492533][ T9445] netlink: 132 bytes leftover after parsing attributes in process `syz.3.917'.
[  362.901320][ T5870] Bluetooth: hci4: command 0x0c1a tx timeout
[  362.901379][ T5185] Bluetooth: hci3: command 0x0c1a tx timeout
[  362.908907][ T5870] Bluetooth: hci2: command 0x0c1a tx timeout
[  362.913450][   T51] Bluetooth: hci1: command 0x0c1a tx timeout
[  362.913496][   T51] Bluetooth: hci0: command 0x0c1a tx timeout
[  363.460921][ T9446] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  363.542742][ T9462] netlink: 60 bytes leftover after parsing attributes in process `syz.2.922'.
[  363.730650][ T9468] netlink: 596 bytes leftover after parsing attributes in process `syz.2.925'.
[  363.755992][ T9466] fuse: Bad value for 'fd'
[  363.761229][ T5958] usb 1-1: new high-speed USB device number 42 using dummy_hcd
[  363.923219][ T5958] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  363.946189][ T5958] usb 1-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  363.965768][ T9471] netlink: 8 bytes leftover after parsing attributes in process `syz.3.926'.
[  363.976130][ T5958] usb 1-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  364.017013][ T5958] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  364.028405][ T5958] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  364.047101][ T5958] usb 1-1: Product: syz
[  364.057215][ T5958] usb 1-1: Manufacturer: syz
[  364.069713][ T5958] usb 1-1: SerialNumber: syz
[  364.087073][ T9473] netlink: 48 bytes leftover after parsing attributes in process `syz.1.927'.
[  364.132778][ T5958] hub 1-1:1.0: bad descriptor, ignoring hub
[  364.147415][ T5958] hub 1-1:1.0: probe with driver hub failed with error -5
[  364.404474][ T5958] usblp 1-1:1.0: usblp0: USB Unidirectional printer dev 42 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  364.670732][ T9488] netlink: 4 bytes leftover after parsing attributes in process `syz.1.931'.
[  365.366661][ T9446] usb 1-1: reset high-speed USB device number 42 using dummy_hcd
[  365.742768][ T9496] pimreg: entered allmulticast mode
[  365.797223][ T9500] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  365.810753][ T9500] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  365.879569][    T9] usb 1-1: USB disconnect, device number 42
[  365.909737][    T9] usblp0: removed
[  366.005218][ T9502] fuse: Bad value for 'fd'
[  366.315880][   T30] audit: type=1326 audit(1757557470.462:322): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9507 comm="syz.3.938" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb0cd98eba9 code=0x7ffc0000
[  366.601581][   T30] audit: type=1326 audit(1757557470.462:323): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9507 comm="syz.3.938" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb0cd98eba9 code=0x7ffc0000
[  366.790019][   T30] audit: type=1326 audit(1757557470.462:324): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9507 comm="syz.3.938" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fb0cd98eba9 code=0x7ffc0000
[  366.813190][   T30] audit: type=1326 audit(1757557470.462:325): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9507 comm="syz.3.938" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb0cd98eba9 code=0x7ffc0000
[  368.232263][ T9529] netlink: 4 bytes leftover after parsing attributes in process `syz.1.943'.
[  368.701276][ T5879] Bluetooth: hci0: command 0x0c1a tx timeout
[  368.750555][ T9509] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  369.072228][ T9509] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  369.086372][ T9509] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  369.097227][ T9509] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  369.106294][ T9509] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  369.317095][ T9545] fuse: Bad value for 'fd'
[  369.837155][ T9549] netlink: 272 bytes leftover after parsing attributes in process `syz.4.949'.
[  370.484111][    T9] usb 5-1: new high-speed USB device number 41 using dummy_hcd
[  370.696857][ T9567] netlink: 28 bytes leftover after parsing attributes in process `syz.2.954'.
[  370.706152][ T9567] netlink: 'syz.2.954': attribute type 7 has an invalid length.
[  370.713931][ T9567] netlink: 'syz.2.954': attribute type 8 has an invalid length.
[  370.721899][ T9567] netlink: 4 bytes leftover after parsing attributes in process `syz.2.954'.
[  370.751445][ T9567] ip6gretap0: entered promiscuous mode
[  370.758718][ T9567] batadv_slave_1: entered promiscuous mode
[  370.766948][ T9567] erspan0: entered promiscuous mode
[  370.814104][    T9] usb 5-1: device descriptor read/64, error -71
[  370.880870][ T5879] Bluetooth: hci1: command 0x0c1a tx timeout
[  370.894997][ T9566] loop6: detected capacity change from 0 to 7
[  370.903083][ T9566] Dev loop6: unable to read RDB block 7
[  370.908665][ T9566]  loop6: AHDI p1 p2 p3 p4
[  370.913476][ T9566] loop6: partition table partially beyond EOD, truncated
[  370.920639][ T9566] loop6: p1 start 2521779581 is beyond EOD, truncated
[  370.944587][ T9566] loop6: p2 size 47 extends beyond EOD, truncated
[  371.008485][ T9566] loop6: p3 start 1886353253 is beyond EOD, truncated
[  371.072002][    T9] usb 5-1: new high-speed USB device number 42 using dummy_hcd
[  371.102409][ T5879] Bluetooth: hci3: command 0x0c1a tx timeout
[  371.108605][ T5879] Bluetooth: hci2: command 0x0c1a tx timeout
[  371.181699][ T5879] Bluetooth: hci4: command 0x0c1a tx timeout
[  371.195391][ T9576] fuse: Bad value for 'fd'
[  371.241221][    T9] usb 5-1: device descriptor read/64, error -71
[  371.481454][    T9] usb usb5-port1: attempt power cycle
[  371.586467][ T9581] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  371.627299][ T9581] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  371.821328][   T24] usb 1-1: new high-speed USB device number 43 using dummy_hcd
[  371.873917][    T9] usb 5-1: new high-speed USB device number 43 using dummy_hcd
[  371.913274][    T9] usb 5-1: device descriptor read/8, error -71
[  371.991253][   T24] usb 1-1: Using ep0 maxpacket: 8
[  372.005241][   T24] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  372.026751][   T24] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 2
[  372.061574][   T24] usb 1-1: config 1 interface 0 altsetting 0 has an endpoint descriptor with address 0x76, changing to 0x6
[  372.109367][   T24] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x6 has an invalid bInterval 100, changing to 10
[  372.162619][   T24] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x6 has invalid maxpacket 24936, setting to 1024
[  372.202146][    T9] usb 5-1: new high-speed USB device number 44 using dummy_hcd
[  372.212313][   T24] usb 1-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  372.229528][   T24] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  372.248659][   T24] hub 1-1:1.0: bad descriptor, ignoring hub
[  372.255227][   T24] hub 1-1:1.0: probe with driver hub failed with error -5
[  372.258289][    T9] usb 5-1: device descriptor read/8, error -71
[  372.269713][   T24] cdc_wdm 1-1:1.0: skipping garbage
[  372.275294][   T24] cdc_wdm 1-1:1.0: skipping garbage
[  372.392311][   T24] cdc_wdm 1-1:1.0: probe with driver cdc_wdm failed with error -22
[  372.421830][    T9] usb usb5-port1: unable to enumerate USB device
[  372.460550][ T9594] netlink: 'syz.3.963': attribute type 75 has an invalid length.
[  372.477300][   T24] usb 1-1: USB disconnect, device number 43
[  373.142800][ T9603] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  373.315650][ T9595] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  373.326281][ T9595] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  373.335227][ T9595] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  373.352916][ T9595] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  373.377370][ T9595] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  374.271316][ T5958] usb 5-1: new high-speed USB device number 45 using dummy_hcd
[  374.441186][ T5958] usb 5-1: Using ep0 maxpacket: 8
[  374.452466][ T5958] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x1 has invalid maxpacket 512, setting to 64
[  374.466813][ T5958] usb 5-1: config 0 interface 0 has no altsetting 0
[  374.521266][ T5934] usb 1-1: new full-speed USB device number 44 using dummy_hcd
[  374.532527][ T5958] usb 5-1: New USB device found, idVendor=0e41, idProduct=4142, bcdDevice=bc.76
[  374.542227][ T5958] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  374.576889][ T5958] usb 5-1: Product: syz
[  374.591325][ T5958] usb 5-1: Manufacturer: syz
[  374.624012][ T5958] usb 5-1: SerialNumber: syz
[  374.638220][ T5958] usb 5-1: config 0 descriptor??
[  374.651189][ T5934] usb 1-1: device descriptor read/64, error -71
[  374.656307][ T5958] snd_usb_toneport 5-1:0.0: Line 6 TonePort UX2 found
[  374.853004][ T5958] snd_usb_toneport 5-1:0.0: cannot get proper max packet size
[  374.864427][ T5958] snd_usb_toneport 5-1:0.0: Line 6 TonePort UX2 now disconnected
[  374.884617][ T5958] snd_usb_toneport 5-1:0.0: probe with driver snd_usb_toneport failed with error -22
[  374.975943][ T9618] netlink: 272 bytes leftover after parsing attributes in process `syz.3.971'.
[  375.071745][ T9620] FAULT_INJECTION: forcing a failure.
[  375.071745][ T9620] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  375.091187][ T5934] usb 1-1: new full-speed USB device number 45 using dummy_hcd
[  375.097471][ T9620] CPU: 1 UID: 0 PID: 9620 Comm: syz.3.972 Not tainted syzkaller #0 PREEMPT(full) 
[  375.097495][ T9620] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  375.097505][ T9620] Call Trace:
[  375.097513][ T9620]  <TASK>
[  375.097521][ T9620]  dump_stack_lvl+0x189/0x250
[  375.097546][ T9620]  ? __pfx____ratelimit+0x10/0x10
[  375.097564][ T9620]  ? __pfx_dump_stack_lvl+0x10/0x10
[  375.097583][ T9620]  ? __pfx__printk+0x10/0x10
[  375.097619][ T9620]  should_fail_ex+0x414/0x560
[  375.097648][ T9620]  _copy_to_user+0x31/0xb0
[  375.097672][ T9620]  simple_read_from_buffer+0xe1/0x170
[  375.097699][ T9620]  proc_fail_nth_read+0x1b3/0x220
[  375.097721][ T9620]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  375.097743][ T9620]  ? rw_verify_area+0x2a6/0x4d0
[  375.097763][ T9620]  ? __lock_acquire+0xab9/0xd20
[  375.097784][ T9620]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  375.097804][ T9620]  vfs_read+0x200/0xa30
[  375.097824][ T9620]  ? fdget_pos+0x247/0x320
[  375.097843][ T9620]  ? __pfx___mutex_lock+0x10/0x10
[  375.097862][ T9620]  ? __pfx_vfs_read+0x10/0x10
[  375.097884][ T9620]  ? __fget_files+0x2a/0x420
[  375.097903][ T9620]  ? __fget_files+0x3a0/0x420
[  375.097917][ T9620]  ? __fget_files+0x2a/0x420
[  375.097940][ T9620]  ksys_read+0x145/0x250
[  375.097959][ T9620]  ? __fget_files+0x3a0/0x420
[  375.097975][ T9620]  ? __pfx_ksys_read+0x10/0x10
[  375.098000][ T9620]  ? do_syscall_64+0xbe/0x3b0
[  375.098022][ T9620]  do_syscall_64+0xfa/0x3b0
[  375.098038][ T9620]  ? lockdep_hardirqs_on+0x9c/0x150
[  375.098053][ T9620]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  375.098069][ T9620]  ? clear_bhb_loop+0x60/0xb0
[  375.098089][ T9620]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  375.098105][ T9620] RIP: 0033:0x7fb0cd98d5bc
[  375.098121][ T9620] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  375.098135][ T9620] RSP: 002b:00007fb0ce759030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  375.098154][ T9620] RAX: ffffffffffffffda RBX: 00007fb0cdbd5fa0 RCX: 00007fb0cd98d5bc
[  375.098174][ T9620] RDX: 000000000000000f RSI: 00007fb0ce7590a0 RDI: 0000000000000004
[  375.098184][ T9620] RBP: 00007fb0ce759090 R08: 0000000000000000 R09: 0000000000000000
[  375.098195][ T9620] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  375.098205][ T9620] R13: 00007fb0cdbd6038 R14: 00007fb0cdbd5fa0 R15: 00007fb0cdcffa28
[  375.098233][ T9620]  </TASK>
[  375.422407][ T5870] Bluetooth: hci3: command 0x0c1a tx timeout
[  375.428484][ T5870] Bluetooth: hci4: command 0x0c1a tx timeout
[  375.449956][ T5879] Bluetooth: hci2: command 0x0c1a tx timeout
[  375.455393][ T5185] Bluetooth: hci1: command 0x0c1a tx timeout
[  375.456998][   T51] Bluetooth: hci0: command 0x0c1a tx timeout
[  375.551228][ T5934] usb 1-1: device descriptor read/64, error -71
[  375.661682][ T5934] usb usb1-port1: attempt power cycle
[  376.031457][ T5934] usb 1-1: new full-speed USB device number 46 using dummy_hcd
[  376.072264][ T5934] usb 1-1: device descriptor read/8, error -71
[  376.354096][ T5934] usb 1-1: new full-speed USB device number 47 using dummy_hcd
[  376.389303][ T5934] usb 1-1: device descriptor read/8, error -71
[  376.501775][ T5934] usb usb1-port1: unable to enumerate USB device
[  377.682847][ T9643] loop6: detected capacity change from 0 to 7
[  377.732727][ T5985] Dev loop6: unable to read RDB block 7
[  377.783844][ T5985]  loop6: AHDI p1 p2 p3 p4
[  377.833991][ T5985] loop6: partition table partially beyond EOD, truncated
[  377.853802][ T5985] loop6: p1 start 2521779581 is beyond EOD, truncated
[  377.868601][ T5985] loop6: p2 size 47 extends beyond EOD, truncated
[  377.904025][ T5985] loop6: p3 start 1886353253 is beyond EOD, truncated
[  377.948227][ T9643] Dev loop6: unable to read RDB block 7
[  377.984619][ T9643]  loop6: AHDI p1 p2 p3 p4
[  378.014067][ T9643] loop6: partition table partially beyond EOD, truncated
[  378.068820][ T9643] loop6: p1 start 2521779581 is beyond EOD, truncated
[  378.088818][ T9643] loop6: p2 size 47 extends beyond EOD, truncated
[  378.119342][   T24] usb 5-1: USB disconnect, device number 45
[  378.140782][ T9643] loop6: p3 start 1886353253 is beyond EOD, truncated
[  378.312117][ T9650] fuse: Invalid rootmode
[  378.328902][ T5985] udevd[5985]: inotify_add_watch(7, /dev/loop6p2, 10) failed: No such file or directory
[  378.425848][ T5985] udevd[5985]: inotify_add_watch(7, /dev/loop6p2, 10) failed: No such file or directory
[  378.490219][ T9655] netlink: 'syz.4.981': attribute type 75 has an invalid length.
[  378.568268][ T9657] kvm: vcpu 2: requested 128 ns lapic timer period limited to 200000 ns
[  378.577180][ T9657] kvm: vcpu 2: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (200000 ns). Using initial count to start timer.
[  378.790469][ T1304] ieee802154 phy0 wpan0: encryption failed: -22
[  378.797086][ T1304] ieee802154 phy1 wpan1: encryption failed: -22
[  379.051220][ T5934] usb 4-1: new high-speed USB device number 44 using dummy_hcd
[  379.272539][ T5934] usb 4-1: Using ep0 maxpacket: 32
[  379.279499][ T5934] usb 4-1: config 0 has an invalid interface number: 85 but max is 0
[  379.288804][ T5934] usb 4-1: config 0 has no interface number 0
[  379.295077][ T5934] usb 4-1: config 0 interface 85 altsetting 7 endpoint 0x8 has invalid maxpacket 512, setting to 64
[  379.318396][ T5934] usb 4-1: config 0 interface 85 altsetting 7 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  379.391468][ T5934] usb 4-1: config 0 interface 85 has no altsetting 0
[  379.424562][ T5934] usb 4-1: New USB device found, idVendor=05ac, idProduct=0219, bcdDevice=f0.72
[  379.434815][ T5934] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  379.458425][ T5934] usb 4-1: Product: syz
[  379.468341][ T5934] usb 4-1: Manufacturer: syz
[  379.478293][ T5934] usb 4-1: SerialNumber: syz
[  379.498863][ T5934] usb 4-1: config 0 descriptor??
[  379.735702][   T24] usb 1-1: new high-speed USB device number 48 using dummy_hcd
[  379.757705][ T5934] appletouch 4-1:0.85: Failed to read mode from device.
[  379.805802][ T5934] appletouch 4-1:0.85: probe with driver appletouch failed with error -5
[  379.871801][ T5934] usb 4-1: USB disconnect, device number 44
[  379.912323][   T24] usb 1-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  379.939446][   T24] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  380.004562][   T24] usb 1-1: config 0 descriptor??
[  380.029149][   T24] cp210x 1-1:0.0: cp210x converter detected
[  380.043331][ T9674] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  380.087358][ T9674] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  380.853198][ T5958] IPVS: starting estimator thread 0...
[  381.001463][ T9689] IPVS: using max 47 ests per chain, 112800 per kthread
[  381.551248][ T5958] usb 4-1: new high-speed USB device number 45 using dummy_hcd
[  381.701295][ T5958] usb 4-1: Using ep0 maxpacket: 8
[  381.736609][ T5958] usb 4-1: config index 0 descriptor too short (expected 30, got 18)
[  381.988995][ T5958] usb 4-1: New USB device found, idVendor=1660, idProduct=0932, bcdDevice=80.ea
[  382.071208][ T5958] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  382.091981][ T5958] usb 4-1: Product: syz
[  382.101242][ T5958] usb 4-1: Manufacturer: syz
[  382.117989][ T5958] usb 4-1: SerialNumber: syz
[  382.161002][ T5958] usb 4-1: config 0 descriptor??
[  382.180189][ T5958] dvb-usb: found a 'Medion MD95700 (MDUSBTV-HYBRID)' in warm state.
[  382.188341][ T5958] usb 4-1: setting power ON
[  382.192987][ T5958] dvb-usb: bulk message failed: -22 (2/0)
[  382.204143][ T5958] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  382.214093][ T5958] dvbdev: DVB: registering new adapter (Medion MD95700 (MDUSBTV-HYBRID))
[  382.232142][ T5958] usb 4-1: media controller created
[  382.687025][ T5958] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  382.751548][ T5958] usb 4-1: selecting invalid altsetting 6
[  382.767015][ T5958] usb 4-1: digital interface selection failed (-22)
[  382.786240][ T5958] dvb-usb: no frontend was attached by 'Medion MD95700 (MDUSBTV-HYBRID)'
[  382.807418][ T5958] usb 4-1: setting power OFF
[  382.817306][ T5958] dvb-usb: bulk message failed: -22 (2/0)
[  382.830663][ T5958] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully initialized and connected.
[  382.887249][   T24] cp210x 1-1:0.0: failed to get vendor val 0x370b size 1: -71
[  382.901071][ T5958] (NULL device *): no alternate interface
[  382.965184][   T24] cp210x 1-1:0.0: querying part number failed
[  383.057904][   T24] usb 1-1: cp210x converter now attached to ttyUSB0
[  383.104212][   T24] usb 1-1: USB disconnect, device number 48
[  383.115064][   T24] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  383.271499][   T24] cp210x 1-1:0.0: device disconnected
[  383.983527][ T9706] netlink: 8 bytes leftover after parsing attributes in process `syz.4.993'.
[  383.999253][ T9705] netlink: 8 bytes leftover after parsing attributes in process `syz.4.993'.
[  384.228189][ T5958] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully deinitialized and disconnected.
[  384.279336][ T9709] netlink: 'syz.2.995': attribute type 12 has an invalid length.
[  384.328295][ T5958] usb 4-1: USB disconnect, device number 45
[  384.341313][ T9709] netlink: 132 bytes leftover after parsing attributes in process `syz.2.995'.
[  385.545389][ T9733] netlink: 'syz.2.999': attribute type 75 has an invalid length.
[  388.000720][ T9758] fuse: Unknown parameter '¥Gærz"9-Ì×Ifd'
[  391.318649][    C1] ==================================================================
[  391.326861][    C1] BUG: KASAN: slab-use-after-free in __xfrm_state_delete+0x696/0xca0
[  391.334962][    C1] Write of size 8 at addr ffff8880793ed9b0 by task ksoftirqd/1/23
[  391.342790][    C1] 
[  391.345141][    C1] CPU: 1 UID: 0 PID: 23 Comm: ksoftirqd/1 Not tainted syzkaller #0 PREEMPT(full) 
[  391.345165][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  391.345176][    C1] Call Trace:
[  391.345185][    C1]  <TASK>
[  391.345193][    C1]  dump_stack_lvl+0x189/0x250
[  391.345219][    C1]  ? __virt_addr_valid+0x1c8/0x5c0
[  391.345242][    C1]  ? rcu_is_watching+0x15/0xb0
[  391.345261][    C1]  ? __kasan_check_byte+0x12/0x40
[  391.345286][    C1]  ? __pfx_dump_stack_lvl+0x10/0x10
[  391.345306][    C1]  ? rcu_is_watching+0x15/0xb0
[  391.345324][    C1]  ? lock_release+0x4b/0x3e0
[  391.345351][    C1]  ? __virt_addr_valid+0x1c8/0x5c0
[  391.345374][    C1]  ? __virt_addr_valid+0x4a5/0x5c0
[  391.345397][    C1]  print_report+0xca/0x240
[  391.345415][    C1]  ? __xfrm_state_delete+0x696/0xca0
[  391.345435][    C1]  kasan_report+0x118/0x150
[  391.345461][    C1]  ? __xfrm_state_delete+0x696/0xca0
[  391.345485][    C1]  __xfrm_state_delete+0x696/0xca0
[  391.345510][    C1]  xfrm_timer_handler+0x18f/0xa00
[  391.345534][    C1]  ? __pfx_xfrm_timer_handler+0x10/0x10
[  391.345553][    C1]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  391.345581][    C1]  ? lockdep_hardirqs_on+0x9c/0x150
[  391.345600][    C1]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  391.345627][    C1]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  391.345656][    C1]  ? __pfx_xfrm_timer_handler+0x10/0x10
[  391.345675][    C1]  ? __pfx_xfrm_timer_handler+0x10/0x10
[  391.345695][    C1]  __hrtimer_run_queues+0x529/0xc60
[  391.345722][    C1]  ? __pfx___hrtimer_run_queues+0x10/0x10
[  391.345739][    C1]  ? read_tsc+0x9/0x20
[  391.345769][    C1]  hrtimer_run_softirq+0x187/0x2b0
[  391.345790][    C1]  handle_softirqs+0x283/0x870
[  391.345811][    C1]  ? run_ksoftirqd+0x9b/0x100
[  391.345833][    C1]  ? __pfx_handle_softirqs+0x10/0x10
[  391.345853][    C1]  ? smpboot_thread_fn+0x4d/0xa60
[  391.345872][    C1]  ? smpboot_thread_fn+0x4d/0xa60
[  391.345889][    C1]  run_ksoftirqd+0x9b/0x100
[  391.345909][    C1]  ? __pfx_run_ksoftirqd+0x10/0x10
[  391.345933][    C1]  smpboot_thread_fn+0x53f/0xa60
[  391.345952][    C1]  ? smpboot_thread_fn+0x4d/0xa60
[  391.345973][    C1]  kthread+0x70e/0x8a0
[  391.345997][    C1]  ? __pfx_smpboot_thread_fn+0x10/0x10
[  391.346015][    C1]  ? __pfx_kthread+0x10/0x10
[  391.346037][    C1]  ? _raw_spin_unlock_irq+0x23/0x50
[  391.346070][    C1]  ? lockdep_hardirqs_on+0x9c/0x150
[  391.346087][    C1]  ? __pfx_kthread+0x10/0x10
[  391.346109][    C1]  ret_from_fork+0x3fc/0x770
[  391.346129][    C1]  ? __pfx_ret_from_fork+0x10/0x10
[  391.346150][    C1]  ? __switch_to_asm+0x39/0x70
[  391.346173][    C1]  ? __switch_to_asm+0x33/0x70
[  391.346195][    C1]  ? __pfx_kthread+0x10/0x10
[  391.346217][    C1]  ret_from_fork_asm+0x1a/0x30
[  391.346247][    C1]  </TASK>
[  391.346254][    C1] 
[  391.620121][    C1] Allocated by task 9314:
[  391.624452][    C1]  kasan_save_track+0x3e/0x80
[  391.629139][    C1]  __kasan_slab_alloc+0x6c/0x80
[  391.633987][    C1]  kmem_cache_alloc_noprof+0x1c1/0x3c0
[  391.639448][    C1]  xfrm_state_alloc+0x24/0x2f0
[  391.644206][    C1]  __find_acq_core+0x8a7/0x1c00
[  391.649054][    C1]  xfrm_find_acq+0x78/0xa0
[  391.653467][    C1]  xfrm_alloc_userspi+0x6b3/0xc90
[  391.658493][    C1]  xfrm_user_rcv_msg+0x7a0/0xab0
[  391.663429][    C1]  netlink_rcv_skb+0x205/0x470
[  391.668185][    C1]  xfrm_netlink_rcv+0x79/0x90
[  391.672862][    C1]  netlink_unicast+0x82c/0x9e0
[  391.677631][    C1]  netlink_sendmsg+0x805/0xb30
[  391.682387][    C1]  __sock_sendmsg+0x21c/0x270
[  391.687085][    C1]  ____sys_sendmsg+0x505/0x830
[  391.691873][    C1]  ___sys_sendmsg+0x21f/0x2a0
[  391.696566][    C1]  __x64_sys_sendmsg+0x19b/0x260
[  391.701508][    C1]  do_syscall_64+0xfa/0x3b0
[  391.706008][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  391.711992][    C1] 
[  391.714313][    C1] Freed by task 5958:
[  391.718285][    C1]  kasan_save_track+0x3e/0x80
[  391.722966][    C1]  kasan_save_free_info+0x46/0x50
[  391.727993][    C1]  __kasan_slab_free+0x5b/0x80
[  391.732755][    C1]  kmem_cache_free+0x18f/0x400
[  391.737518][    C1]  xfrm_state_gc_task+0x52d/0x6b0
[  391.742720][    C1]  process_scheduled_works+0xae1/0x17b0
[  391.748348][    C1]  worker_thread+0x8a0/0xda0
[  391.752941][    C1]  kthread+0x70e/0x8a0
[  391.757011][    C1]  ret_from_fork+0x3fc/0x770
[  391.761594][    C1]  ret_from_fork_asm+0x1a/0x30
[  391.766362][    C1] 
[  391.768679][    C1] The buggy address belongs to the object at ffff8880793ed980
[  391.768679][    C1]  which belongs to the cache xfrm_state of size 928
[  391.782650][    C1] The buggy address is located 48 bytes inside of
[  391.782650][    C1]  freed 928-byte region [ffff8880793ed980, ffff8880793edd20)
[  391.796538][    C1] 
[  391.798857][    C1] The buggy address belongs to the physical page:
[  391.805262][    C1] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff8880793ed540 pfn:0x793ec
[  391.815328][    C1] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  391.823831][    C1] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  391.831374][    C1] page_type: f5(slab)
[  391.835366][    C1] raw: 00fff00000000040 ffff888142efd140 dead000000000122 0000000000000000
[  391.843947][    C1] raw: ffff8880793ed540 00000000800f0009 00000000f5000000 0000000000000000
[  391.852530][    C1] head: 00fff00000000040 ffff888142efd140 dead000000000122 0000000000000000
[  391.861200][    C1] head: ffff8880793ed540 00000000800f0009 00000000f5000000 0000000000000000
[  391.869864][    C1] head: 00fff00000000002 ffffea0001e4fb01 00000000ffffffff 00000000ffffffff
[  391.878541][    C1] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[  391.887220][    C1] page dumped because: kasan: bad access detected
[  391.893731][    C1] page_owner tracks the page as allocated
[  391.899446][    C1] page last allocated via order 2, migratetype Unmovable, gfp_mask 0x52820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 6816, tgid 6814 (syz.1.205), ts 156985614443, free_ts 156451571259
[  391.918634][    C1]  post_alloc_hook+0x240/0x2a0
[  391.923420][    C1]  get_page_from_freelist+0x21e4/0x22c0
[  391.928964][    C1]  __alloc_frozen_pages_noprof+0x181/0x370
[  391.934767][    C1]  alloc_pages_mpol+0x232/0x4a0
[  391.939639][    C1]  allocate_slab+0x8a/0x370
[  391.944229][    C1]  ___slab_alloc+0xbeb/0x1420
[  391.948911][    C1]  kmem_cache_alloc_noprof+0x283/0x3c0
[  391.954372][    C1]  xfrm_state_alloc+0x24/0x2f0
[  391.959167][    C1]  __find_acq_core+0x8a7/0x1c00
[  391.964019][    C1]  xfrm_find_acq+0x78/0xa0
[  391.968436][    C1]  xfrm_alloc_userspi+0x6b3/0xc90
[  391.973463][    C1]  xfrm_user_rcv_msg+0x7a0/0xab0
[  391.978403][    C1]  netlink_rcv_skb+0x205/0x470
[  391.983162][    C1]  xfrm_netlink_rcv+0x79/0x90
[  391.987839][    C1]  netlink_unicast+0x82c/0x9e0
[  391.992608][    C1]  netlink_sendmsg+0x805/0xb30
[  391.997370][    C1] page last free pid 1345 tgid 1345 stack trace:
[  392.003691][    C1]  __free_frozen_pages+0xbc4/0xd30
[  392.008805][    C1]  free_large_kmalloc+0x13a/0x1f0
[  392.013831][    C1]  io_ring_ctx_free+0x41d/0x4e0
[  392.019118][    C1]  io_ring_exit_work+0x8c4/0x930
[  392.024053][    C1]  process_scheduled_works+0xae1/0x17b0
[  392.029603][    C1]  worker_thread+0x8a0/0xda0
[  392.034192][    C1]  kthread+0x70e/0x8a0
[  392.038261][    C1]  ret_from_fork+0x3fc/0x770
[  392.042848][    C1]  ret_from_fork_asm+0x1a/0x30
[  392.047617][    C1] 
[  392.049938][    C1] Memory state around the buggy address:
[  392.055564][    C1]  ffff8880793ed880: fb fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc
[  392.063618][    C1]  ffff8880793ed900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  392.071687][    C1] >ffff8880793ed980: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  392.079756][    C1]                                      ^
[  392.085397][    C1]  ffff8880793eda00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  392.093463][    C1]  ffff8880793eda80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  392.101535][    C1] ==================================================================
[  392.109693][    C1] vkms_vblank_simulate: vblank timer overrun
[  392.115756][    C1] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  392.123068][    C1] CPU: 1 UID: 0 PID: 23 Comm: ksoftirqd/1 Not tainted syzkaller #0 PREEMPT(full) 
[  392.132292][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  392.142368][    C1] Call Trace:
[  392.145667][    C1]  <TASK>
[  392.148620][    C1]  dump_stack_lvl+0x99/0x250
[  392.153251][    C1]  ? __asan_memcpy+0x40/0x70
[  392.157877][    C1]  ? __pfx_dump_stack_lvl+0x10/0x10
[  392.163102][    C1]  ? __pfx__printk+0x10/0x10
[  392.167725][    C1]  vpanic+0x281/0x750
[  392.171729][    C1]  ? __pfx_print_hex_dump+0x10/0x10
[  392.176948][    C1]  ? __pfx_vpanic+0x10/0x10
[  392.181475][    C1]  ? irqentry_exit+0x74/0x90
[  392.186085][    C1]  ? lockdep_hardirqs_on+0x9c/0x150
[  392.191302][    C1]  panic+0xb9/0xc0
[  392.195029][    C1]  ? __pfx_panic+0x10/0x10
[  392.199458][    C1]  ? _raw_spin_unlock_irqrestore+0xa8/0x110
[  392.205370][    C1]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  392.211706][    C1]  ? __xfrm_state_delete+0x696/0xca0
[  392.216992][    C1]  check_panic_on_warn+0x89/0xb0
[  392.221935][    C1]  ? __xfrm_state_delete+0x696/0xca0
[  392.227231][    C1]  end_report+0x78/0x160
[  392.231486][    C1]  kasan_report+0x129/0x150
[  392.235993][    C1]  ? __xfrm_state_delete+0x696/0xca0
[  392.241289][    C1]  __xfrm_state_delete+0x696/0xca0
[  392.246403][    C1]  xfrm_timer_handler+0x18f/0xa00
[  392.251429][    C1]  ? __pfx_xfrm_timer_handler+0x10/0x10
[  392.257059][    C1]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  392.262958][    C1]  ? lockdep_hardirqs_on+0x9c/0x150
[  392.268155][    C1]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  392.274062][    C1]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  392.280404][    C1]  ? __pfx_xfrm_timer_handler+0x10/0x10
[  392.285953][    C1]  ? __pfx_xfrm_timer_handler+0x10/0x10
[  392.291511][    C1]  __hrtimer_run_queues+0x529/0xc60
[  392.296746][    C1]  ? __pfx___hrtimer_run_queues+0x10/0x10
[  392.302548][    C1]  ? read_tsc+0x9/0x20
[  392.306807][    C1]  hrtimer_run_softirq+0x187/0x2b0
[  392.311931][    C1]  handle_softirqs+0x283/0x870
[  392.316697][    C1]  ? run_ksoftirqd+0x9b/0x100
[  392.321375][    C1]  ? __pfx_handle_softirqs+0x10/0x10
[  392.326662][    C1]  ? smpboot_thread_fn+0x4d/0xa60
[  392.331683][    C1]  ? smpboot_thread_fn+0x4d/0xa60
[  392.336704][    C1]  run_ksoftirqd+0x9b/0x100
[  392.341208][    C1]  ? __pfx_run_ksoftirqd+0x10/0x10
[  392.346321][    C1]  smpboot_thread_fn+0x53f/0xa60
[  392.351261][    C1]  ? smpboot_thread_fn+0x4d/0xa60
[  392.356297][    C1]  kthread+0x70e/0x8a0
[  392.360369][    C1]  ? __pfx_smpboot_thread_fn+0x10/0x10
[  392.365825][    C1]  ? __pfx_kthread+0x10/0x10
[  392.370414][    C1]  ? _raw_spin_unlock_irq+0x23/0x50
[  392.375702][    C1]  ? lockdep_hardirqs_on+0x9c/0x150
[  392.380901][    C1]  ? __pfx_kthread+0x10/0x10
[  392.385494][    C1]  ret_from_fork+0x3fc/0x770
[  392.390086][    C1]  ? __pfx_ret_from_fork+0x10/0x10
[  392.395197][    C1]  ? __switch_to_asm+0x39/0x70
[  392.399966][    C1]  ? __switch_to_asm+0x33/0x70
[  392.404729][    C1]  ? __pfx_kthread+0x10/0x10
[  392.409320][    C1]  ret_from_fork_asm+0x1a/0x30
[  392.414094][    C1]  </TASK>
[  392.417271][    C1] Kernel Offset: disabled
[  392.421593][    C1] Rebooting in 86400 seconds..